Report - evweinviw.com/WPMM8BgZ

Report Overview

Submitted URL
evweinviw.com/WPMM8BgZ
IP
104.21.6.137
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-08 07:43:14
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
212

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
2.news-civuse.com	unknown	2023-01-17T14:01:55Z	2023-03-12T21:01:15Z	46 kB	913 kB	193.108.118.121
3.news-civuse.com	unknown	2023-01-17T14:01:56Z	2023-03-12T21:01:16Z	44 kB	850 kB	193.108.118.121
5.news-civuse.com	unknown	2023-01-18T21:46:36Z	2023-03-12T21:01:18Z	44 kB	834 kB	193.108.118.121
7.news-civuse.com	unknown	2023-01-18T21:46:36Z	2023-03-12T21:01:19Z	46 kB	854 kB	193.108.118.121
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	421 B	630 B	142.250.74.106
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	23.36.76.226
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-13T05:14:15Z	696 B	1.6 kB	104.18.32.68
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	142.250.74.131
cdn-d-img.pornhub.com	740189	2015-10-10T17:57:38Z	2023-03-13T08:27:29Z	55 kB	53 kB	205.185.208.60
1.news-civuse.com	unknown	2023-01-17T14:01:53Z	2023-03-12T21:01:15Z	43 kB	831 kB	193.108.118.121
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.3 kB	62 kB	34.120.237.76
9.news-civuse.com	unknown	2023-01-18T21:46:35Z	2023-03-12T21:01:21Z	44 kB	913 kB	193.108.118.121
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
errors.house	unknown	2022-11-11T11:51:47Z	2023-03-12T21:01:14Z	4.4 kB	4.6 kB	144.76.158.184
4.news-civuse.com	unknown	2023-01-18T21:46:36Z	2023-03-12T21:01:17Z	47 kB	1.0 MB	193.108.118.121
6.news-civuse.com	unknown	2023-01-18T21:46:36Z	2023-03-12T21:01:18Z	42 kB	714 kB	193.108.118.121
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
browser.sentry-cdn.com	4393	2018-07-13T13:42:06Z	2023-03-13T08:50:22Z	4.8 kB	228 kB	151.101.66.217
8.news-civuse.com	unknown	2023-01-18T21:46:35Z	2023-03-12T21:01:20Z	45 kB	843 kB	193.108.118.121
10.news-civuse.com	unknown	2023-01-18T21:46:35Z	2023-01-19T02:25:16Z	37 kB	478 kB	193.108.118.121
evweinviw.com	477617	2022-01-02T16:28:10Z	2023-03-13T08:32:26Z	804 B	2.0 kB	104.21.6.137
news-civuse.com	unknown	2022-11-29T07:18:37Z	2023-03-13T08:32:26Z	47 kB	804 kB	193.108.118.121
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.88.112.71

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	news-civuse.com/lands/38/lp.js	Phishing
2023-02-08	medium	news-civuse.com/revopush.js?v=4	Phishing
2023-02-08	medium	news-civuse.com/sw.js	Phishing
2023-02-08	medium	news-civuse.com/lands/38/index.php_files/pu.swf	Phishing
2023-02-08	medium	news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250	Phishing
2023-02-08	medium	news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250	Phishing
2023-02-08	medium	news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250	Phishing
2023-02-08	medium	news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250	Phishing
2023-02-08	medium	news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	1.news-civuse.com/lands/38/lp.js	Phishing
2023-02-08	medium	news-civuse.com/lands/38/jquery-3.2.1.min.js	Phishing
2023-02-08	medium	1.news-civuse.com/lands/38/jquery-3.2.1.min.js	Phishing
2023-02-08	medium	1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js	Phishing
2023-02-08	medium	1.news-civuse.com/sw.js	Phishing
2023-02-08	medium	1.news-civuse.com/lands/38/index.php_files/pu.swf	Phishing
2023-02-08	medium	1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250	Phishing
2023-02-08	medium	1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250	Phishing
2023-02-08	medium	1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250	Phishing
2023-02-08	medium	1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250	Phishing
2023-02-08	medium	1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	2.news-civuse.com/lands/38/lp.js	Phishing
2023-02-08	medium	2.news-civuse.com/lands/38/jquery-3.2.1.min.js	Phishing
2023-02-08	medium	2.news-civuse.com/sw.js	Phishing
2023-02-08	medium	2.news-civuse.com/lands/38/index.php_files/pu.swf	Phishing
2023-02-08	medium	2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250	Phishing
2023-02-08	medium	2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250	Phishing
2023-02-08	medium	2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250	Phishing
2023-02-08	medium	2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	3.news-civuse.com/lands/38/lp.js	Phishing
2023-02-08	medium	3.news-civuse.com/lands/38/jquery-3.2.1.min.js	Phishing
2023-02-08	medium	2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js	Phishing
2023-02-08	medium	3.news-civuse.com/sw.js	Phishing
2023-02-08	medium	3.news-civuse.com/lands/38/index.php_files/pu.swf	Phishing
2023-02-08	medium	3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250	Phishing
2023-02-08	medium	3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250	Phishing
2023-02-08	medium	3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250	Phishing
2023-02-08	medium	3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250	Phishing
2023-02-08	medium	3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	4.news-civuse.com/sw.js	Phishing
2023-02-08	medium	4.news-civuse.com/lands/38/index.php_files/pu.swf	Phishing
2023-02-08	medium	4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250	Phishing
2023-02-08	medium	4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250	Phishing
2023-02-08	medium	4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250	Phishing
2023-02-08	medium	4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250	Phishing
2023-02-08	medium	4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	5.news-civuse.com/lands/38/lp.js	Phishing
2023-02-08	medium	5.news-civuse.com/sw.js	Phishing
2023-02-08	medium	5.news-civuse.com/lands/38/index.php_files/pu.swf	Phishing
2023-02-08	medium	5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250	Phishing
2023-02-08	medium	5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250	Phishing
2023-02-08	medium	5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250	Phishing
2023-02-08	medium	5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250	Phishing
2023-02-08	medium	5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	6.news-civuse.com/lands/38/lp.js	Phishing
2023-02-08	medium	5.news-civuse.com/lands/38/jquery-3.2.1.min.js	Phishing
2023-02-08	medium	4.news-civuse.com/lands/38/jquery-3.2.1.min.js	Phishing
2023-02-08	medium	4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js	Phishing
2023-02-08	medium	6.news-civuse.com/lands/38/index.php_files/pu.swf	Phishing
2023-02-08	medium	6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250	Phishing
2023-02-08	medium	6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250	Phishing
2023-02-08	medium	6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250	Phishing
2023-02-08	medium	6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250	Phishing
2023-02-08	medium	6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	7.news-civuse.com/lands/38/lp.js	Phishing
2023-02-08	medium	7.news-civuse.com/sw.js	Phishing
2023-02-08	medium	7.news-civuse.com/lands/38/index.php_files/pu.swf	Phishing
2023-02-08	medium	7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250	Phishing
2023-02-08	medium	7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250	Phishing
2023-02-08	medium	7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250	Phishing
2023-02-08	medium	7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250	Phishing
2023-02-08	medium	7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	8.news-civuse.com/lands/38/lp.js	Phishing
2023-02-08	medium	3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js	Phishing
2023-02-08	medium	8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js	Phishing
2023-02-08	medium	8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250	Phishing
2023-02-08	medium	8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250	Phishing
2023-02-08	medium	8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250	Phishing
2023-02-08	medium	8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250	Phishing
2023-02-08	medium	8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	9.news-civuse.com/lands/38/lp.js	Phishing
2023-02-08	medium	9.news-civuse.com/lands/38/jquery-3.2.1.min.js	Phishing
2023-02-08	medium	9.news-civuse.com/sw.js	Phishing
2023-02-08	medium	9.news-civuse.com/lands/38/index.php_files/pu.swf	Phishing
2023-02-08	medium	9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js	Phishing
2023-02-08	medium	9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250	Phishing
2023-02-08	medium	9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250	Phishing
2023-02-08	medium	9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250	Phishing
2023-02-08	medium	9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250	Phishing
2023-02-08	medium	9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250	Phishing
2023-02-08	medium	10.news-civuse.com/revopush.js?v=4	Phishing
2023-02-08	medium	10.news-civuse.com/lands/38/jquery-3.2.1.min.js	Phishing
2023-02-08	medium	7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js	Phishing
2023-02-08	medium	10.news-civuse.com/sw.js	Phishing
2023-02-08	medium	news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js	Phishing
2023-02-08	medium	7.news-civuse.com/lands/38/jquery-3.2.1.min.js	Phishing
2023-02-08	medium	8.news-civuse.com/lands/38/jquery-3.2.1.min.js	Phishing
2023-02-08	medium	10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js	Phishing
2023-02-08	medium	6.news-civuse.com/lands/38/jquery-3.2.1.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	news-civuse.com/lands/38/lp.js	1.4 kB	2023-03-07	2024-01-16
Pretty URL news-civuse.com/lands/38/lp.js IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2024-01-16 00:42:06 Times Seen1050 Hash 8441b469fa0c093bd106a66a4068d944 c3698e755cd1ef7b5d29e233ef615219559a96f3 befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902 Loading...

	news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js	64 kB	2023-03-07	2023-11-23
Pretty URL news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-11-23 03:29:16 Times Seen179 Hash 317b0088540e88d73374a9709c846e42 c370b866f9418add845893d32fa3fd3b6af0f63f f30b68d10443a47256ba33ecd924375f8e559c8bfd56950b973323a835c54692 Loading...

	news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	243 B	2023-03-09	2023-04-08
Pretty URL news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:53:42 Last Seen2023-04-08 21:49:46 Times Seen28 Hash 306b9c36f29345036be9308b78c4567e 0d6c10d462503a447c0f8cc02a2b084a8b899019 905e16120ec4fa11f2fc3e7b026933486325201162b18861cdb2e5fe271ba001 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 05:05:57 Times Seen36969709 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	415 B	2023-03-13	2023-03-13
Pretty URL 6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:45 Last Seen2023-03-13 19:33:45 Times Seen1 Hash 83f265c7b18325e1839e0138bddcaba6 3a10f50b3826620931c8ead779b876262ee2356d 385866e13490787400ce92835ec7ac1f3bd4586ef85ec059f866c81211f412cf Loading...

	7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	415 B	2023-03-13	2023-03-13
Pretty URL 7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:45 Last Seen2023-03-13 19:33:45 Times Seen1 Hash aac53c810a903663d8fdbdc0a20ab344 7b6a24311f389efd61b779405adc00b794d9ab76 6b81299fa20b78c9633b4b932ec6d291c9c3488f57cf90bc157fb6f354b29781 Loading...

	8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	415 B	2023-03-13	2023-03-13
Pretty URL 8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:45 Last Seen2023-03-13 19:33:45 Times Seen1 Hash 8d1c12923384441777f7cb9966959769 d5f8805ca7c9c134d2ce5ebb7791b2ae7c4dcb9a 37f70ce2f4d938d7c9cc02e0851c2df5d2550eccaf8a6e152e7ee54b5c6b7dfc Loading...

	9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	415 B	2023-03-13	2023-03-13
Pretty URL 9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:45 Last Seen2023-03-13 19:33:45 Times Seen1 Hash 4574f59cd269b91ca45a9c842f6670f8 43e7b2a60405d39dcffc1653fa1048cf6a7e3d75 594c5e9348d4724673185392ec8f12a20998e9eead74322d52a88886b4e791bc Loading...

	news-civuse.com/lands/38/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-04-20
Pretty URL news-civuse.com/lands/38/jquery-3.2.1.min.js IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-20 04:17:10 Times Seen61267 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	errors.house/js-sdk-loader/f1c7cfc107e94764b41b7a2b50de5ae0.min.js	1.9 kB	2023-03-09	2023-06-19
Pretty URL errors.house/js-sdk-loader/f1c7cfc107e94764b41b7a2b50de5ae0.min.js IP 144.76.158.184 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:53:42 Last Seen2023-06-19 23:11:30 Times Seen329 Hash 80932f4dcde89b05c9a4e8f491d1137a 790824b7aee301fa9a3794fa34b7cef37a88f730 9a0262ebf8e5fcb4028b6ea0876c9e06270170be66a752a08dd4acdfa6ca7b93 Loading...

	news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	3.0 kB	2023-03-07	2023-04-05
Pretty URL news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-04-05 02:09:48 Times Seen93 Hash 6a6dcd2f25ca31bf107638728da7e0c7 50726cca6cd7ee6f15cbcd1233a0d078abac6b7b 39f2681aa333a8b3eb254dbf2fc325ed69ece3536219be39f4f96b221ae737d3 Loading...

	news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	409 B	2023-03-07	2023-04-17
Pretty URL news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-04-17 14:30:45 Times Seen95 Hash ca80af2fba134561f58fd74fc8c3d33b a7e2a369abf063c3d1bc48de738a67a1c6ceaadb 8879b93f901d08dc218f20c4badf5e620bdbd262177d5c09ac303cad6fb7ccea Loading...

	browser.sentry-cdn.com/7.15.0/bundle.es5.min.js	62 kB	2023-03-09	2023-06-19
Pretty URL browser.sentry-cdn.com/7.15.0/bundle.es5.min.js IP 151.101.66.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:53:42 Last Seen2023-06-19 23:11:30 Times Seen311 Hash 634a37896246a038d0abc4b8b3974e7a 3939dc20706846266b49b796189ba050c97e5e31 cab38c92e159d807e061b6e26849de7e32ce1b6e7cbd155aa8d755b8290cd333 Loading...

	2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	415 B	2023-03-13	2023-03-13
Pretty URL 2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:46 Last Seen2023-03-13 19:33:46 Times Seen1 Hash 1e7b0730225d957845f0dd81e1ddf32b 627baf28899784c900625d0c349c8227af5da35a 77ae051ad935d41f02b8cdefd77ab213ebca6cc9afb08bceacfbb011122895db Loading...

	4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	415 B	2023-03-13	2023-03-13
Pretty URL 4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:46 Last Seen2023-03-13 19:33:46 Times Seen1 Hash 094ece9d6e649f10bd22d3bc37ba2a5c 0f4e26515f4cec4e8c73ea38071695f70ac9f2ec 43623f3e47747b8a13f73a623e97aea7748742312b38aeea93227b55f242999f Loading...

	10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	415 B	2023-03-13	2023-03-13
Pretty URL 10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:46 Last Seen2023-03-13 19:33:46 Times Seen1 Hash 08334ab8f4db1cd985a1012570e26b08 6cc4710fd6fb82fb13b93441d7fdfe2bd8a7630b 033abc627de73c56d9faff28032e095392e144858c67b8963199b8a3b562bc28 Loading...

	3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	415 B	2023-03-13	2023-03-13
Pretty URL 3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:46 Last Seen2023-03-13 19:33:46 Times Seen1 Hash 9d5faee0e33a73b72de3cb04e6c9bca4 3441593942495c7ec2081e74f91c1bfc96f5f57d 7f480ab9e482b6a9b730e87ac78cb658157c094bb46c2117b0306b772feca1c7 Loading...

	5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	415 B	2023-03-13	2023-03-13
Pretty URL 5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:46 Last Seen2023-03-13 19:33:46 Times Seen1 Hash 41085b28d5df6da15f978027e2d8ed60 3ad5c4df2feb59c535b9ad774cf1ea7992ea0781 0b4e858c3be6b86624812132d23dde58f55df8ab12bc732261d48d6517843c0c Loading...

	news-civuse.com/revopush.js?v=4	10 kB	2023-03-09	2024-02-20
Pretty URL news-civuse.com/revopush.js?v=4 IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:48:00 Last Seen2024-02-20 08:46:21 Times Seen5751 Hash fc284a0e5d580856ae4863715ad6733e eb69f303c80ff8e44abc9601b8616c0cf92faafa 2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0 Loading...

	news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	415 B	2023-03-13	2023-03-13
Pretty URL news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:46 Last Seen2023-03-13 19:33:46 Times Seen1 Hash 3631f2854bda2de4827c9b8f205f22f1 bbcadca5bdd3e5d3e1ee3e7a8cfb6875d5dc548e 2849ae9271a858026371be22644e1b032b660ca3b692f3014d9bbb83d75f94d2 Loading...

	news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	538 B	2023-03-07	2023-04-17
Pretty URL news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-04-17 14:30:45 Times Seen95 Hash 6cb5429e23ed1a33ce1d60409d9d87df 8fc1837679470fc0023ffc06eb03049ce8e6b629 4593cba64d9a93b60d9b7a1a4be1514cc629afe713903a4d8ccc62aa044ddd9d Loading...

	news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	387 B	2023-03-07	2023-04-05
Pretty URL news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-04-05 02:09:48 Times Seen93 Hash f24f44a05ef75b56b90acd720a4d83e4 73397760c7dddfcfef2a2792b74f2a5595d92fe5 fcd38317d5f1a2b5ea44e215cd3e7022157545851a932f80e1678a5328a2affc Loading...

	1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=	415 B	2023-03-13	2023-03-13
Pretty URL 1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= IP 193.108.118.121 ASN #61003 GlobalTeleHost Corp. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:46 Last Seen2023-03-13 19:33:46 Times Seen1 Hash 97633faccf3980a0d6569de04705376d 47a8c9ac0b7ac4854bebcd24c82d50e728d40e48 99c71615f4698b64b7a75007665c6eaf9ba99c32cb362f49b8ac4725f614922d Loading...

HTTP Transactions (1028)

URL IP Response Size

evweinviw.com/WPMM8BgZ

104.21.6.137

301 Moved Permanently

0 B

URL HTTP/1.1
evweinviw.com/WPMM8BgZ
IP
104.21.6.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WPMM8BgZ HTTP/1.1
Host: evweinviw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 07:43:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 Feb 2023 08:43:01 GMT
Location: https://evweinviw.com/WPMM8BgZ
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDMO1ypODYgi507JzEuWIVaPR%2FApChwfD87Ni5lA9vbA8dc7WB3HF6KHjwx3j6mUVnx154gEJlcXlamrrij8vktttDR5%2B3mYXKAxOodPLAwzAXkhYdV2eFAd3wrx2BdO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7962bb628cf30b49-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16489
Expires: Wed, 08 Feb 2023 12:17:50 GMT
Date: Wed, 08 Feb 2023 07:43:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7232
Expires: Wed, 08 Feb 2023 09:43:33 GMT
Date: Wed, 08 Feb 2023 07:43:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7979
Expires: Wed, 08 Feb 2023 09:56:00 GMT
Date: Wed, 08 Feb 2023 07:43:01 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 07:34:12 GMT
content-type: application/json
age: 529
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: dl6OntJ84qFWDW02wpeu3UMd/LEuG58U8W625ClGOUoIMPnh5TdQdgVHbc7NcZrR6jZBovlCEsxZ5/m4U8RFuQ==
x-amz-request-id: 1YYWCYFPHGJDSDSP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 07:35:51 GMT
age: 430
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:01 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
59a0be1e357e52f94aebc54f04e04d49
a5d08a95475f21b65f82c1a319f65918aa255932
8a1933eff34e7bc5b66c6946456445eb514353ef46379efac50c5c9e333b4a63

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8A1933EFF34E7BC5B66C6946456445EB514353EF46379EFAC50C5C9E333B4A63"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Wed, 08 Feb 2023 13:42:17 GMT
Date: Wed, 08 Feb 2023 07:43:01 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
59a0be1e357e52f94aebc54f04e04d49
a5d08a95475f21b65f82c1a319f65918aa255932
8a1933eff34e7bc5b66c6946456445eb514353ef46379efac50c5c9e333b4a63

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8A1933EFF34E7BC5B66C6946456445EB514353EF46379EFAC50C5C9E333B4A63"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Wed, 08 Feb 2023 13:42:17 GMT
Date: Wed, 08 Feb 2023 07:43:02 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 06:51:20 GMT
age: 3102
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

316 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
316 B (316 bytes)
Hash
a0f625d612b29e5ce14287caa92842bb
1db1733da8986a1754554785d805967faeeea979
450cf0617ce885a2106aa6fb0ebf76899fd6f05ded678e16da7ff6d0fe187c64

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:43:02 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 15:45:50 GMT
Expires: Sun, 12 Feb 2023 15:45:49 GMT
Etag: "1db1733da8986a1754554785d805967faeeea979"
Cache-Control: max-age=373966,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7962bb66d9290b49-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16788
Expires: Wed, 08 Feb 2023 12:22:50 GMT
Date: Wed, 08 Feb 2023 07:43:02 GMT
Connection: keep-alive

news-civuse.com/lands/38/lp.js

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
news-civuse.com/lands/38/lp.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
Unicode text, UTF-8 text
Size
1.4 kB (1418 bytes)
Hash
8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/lp.js HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/revopush.js?v=4

193.108.118.121

200 OK

10 kB

URL HTTP/2
news-civuse.com/revopush.js?v=4
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (9954), with no line terminators
Size
10 kB (9954 bytes)
Hash
fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /revopush.js?v=4 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4028), with no line terminators
Size
4.0 kB (4028 bytes)
Hash
64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css

193.108.118.121

200 OK

6.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (5955), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (8327), with no line terminators
Size
8.3 kB (8327 bytes)
Hash
8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png

193.108.118.121

200 OK

12 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12136 bytes)
Hash
833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png

193.108.118.121

200 OK

22 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21724 bytes)
Hash
19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg

193.108.118.121

200 OK

28 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Size
28 kB (27900 bytes)
Hash
c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg

193.108.118.121

200 OK

17 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Size
17 kB (17350 bytes)
Hash
215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
12 kB (12525 bytes)
Hash
ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg

193.108.118.121

200 OK

11 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
11 kB (11238 bytes)
Hash
2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg

193.108.118.121

200 OK

14 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
14 kB (13505 bytes)
Hash
9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg

193.108.118.121

200 OK

13 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
13 kB (13106 bytes)
Hash
99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg

193.108.118.121

200 OK

16 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
16 kB (15481 bytes)
Hash
5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg

193.108.118.121

200 OK

18 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
18 kB (17978 bytes)
Hash
10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 116 x 86\012- data
Size
2.4 kB (2350 bytes)
Hash
ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg

193.108.118.121

200 OK

9.6 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg

193.108.118.121

200 OK

15 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Size
15 kB (14653 bytes)
Hash
bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg

193.108.118.121

200 OK

10 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Size
10 kB (10352 bytes)
Hash
1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg

193.108.118.121

200 OK

9.9 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg

193.108.118.121

200 OK

8.9 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
12 kB (12127 bytes)
Hash
081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png

193.108.118.121

200 OK

20 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19948 bytes)
Hash
e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif

193.108.118.121

200 OK

15 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 64 x 64\012- data
Size
15 kB (14574 bytes)
Hash
571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
3.8 kB (3829 bytes)
Hash
d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg

193.108.118.121

200 OK

24 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Size
24 kB (23598 bytes)
Hash
ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1889 bytes)
Hash
ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1394 bytes)
Hash
609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.2 kB (1191 bytes)
Hash
1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg

193.108.118.121

200 OK

1.7 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.7 kB (1729 bytes)
Hash
3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1441 bytes)
Hash
47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1809 bytes)
Hash
f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1902 bytes)
Hash
16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg

193.108.118.121

200 OK

1.1 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Size
1.1 kB (1085 bytes)
Hash
01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
2.4 kB (2350 bytes)
Hash
ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
2.0 kB (1979 bytes)
Hash
3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg

193.108.118.121

200 OK

3.1 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
3.1 kB (3063 bytes)
Hash
cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1758 bytes)
Hash
52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1373 bytes)
Hash
a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg

193.108.118.121

200 OK

1.6 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
1.6 kB (1563 bytes)
Hash
bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1046 bytes)
Hash
96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg

193.108.118.121

200 OK

841 B

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
841 B (841 bytes)
Hash
9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2553 bytes)
Hash
950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg

193.108.118.121

200 OK

4.6 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Size
4.6 kB (4644 bytes)
Hash
0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4397 bytes)
Hash
58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg

193.108.118.121

200 OK

7.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Size
7.0 kB (6972 bytes)
Hash
2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg

193.108.118.121

200 OK

4.3 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
4.3 kB (4315 bytes)
Hash
365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Size
4.0 kB (4035 bytes)
Hash
416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg

193.108.118.121

200 OK

8.6 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg

193.108.118.121

200 OK

5.1 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
5.1 kB (5080 bytes)
Hash
72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg

193.108.118.121

200 OK

7.9 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Size
7.9 kB (7904 bytes)
Hash
5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Size
3.8 kB (3835 bytes)
Hash
6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg

193.108.118.121

200 OK

4.7 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.7 kB (4664 bytes)
Hash
12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg

193.108.118.121

200 OK

6.8 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 88 x 31\012- data
Size
1.9 kB (1882 bytes)
Hash
2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e3e21c5b9c6ce63a37f2840472fb7cd7
4c4a38a942ae2aee024225ced1d0c08af441d07b
60eb9863c4425aca9829c975a003ecc54fde71d556a0485456656352c2f59102

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60EB9863C4425ACA9829C975A003ECC54FDE71D556A0485456656352C2F59102"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11111
Expires: Wed, 08 Feb 2023 10:48:13 GMT
Date: Wed, 08 Feb 2023 07:43:02 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.88.112.71

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.112.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1huVjky6s1E85la5oIzjlQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: n3vTsPXlGRVxbvpavR8n/bNvTJw=

errors.house/js-sdk-loader/f1c7cfc107e94764b41b7a2b50de5ae0.min.js

144.76.158.184

200 OK

1.9 kB

URL HTTP/1.1
errors.house/js-sdk-loader/f1c7cfc107e94764b41b7a2b50de5ae0.min.js
IP
144.76.158.184:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (512)
Size
1.9 kB (1855 bytes)
Hash
80932f4dcde89b05c9a4e8f491d1137a
790824b7aee301fa9a3794fa34b7cef37a88f730
9a0262ebf8e5fcb4028b6ea0876c9e06270170be66a752a08dd4acdfa6ca7b93

HTTP Headers

GET /js-sdk-loader/f1c7cfc107e94764b41b7a2b50de5ae0.min.js HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://news-civuse.com
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:02 GMT
Content-Type: text/javascript
Content-Length: 1855
Connection: close
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
Surrogate-Key: project/3 sdk/7.15.0 sdk-loader
X-Frame-Options: deny
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:43:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

news-civuse.com/sw.js

193.108.118.121

200 OK

4.2 kB

URL HTTP/2
news-civuse.com/sw.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4168)
Size
4.2 kB (4199 bytes)
Hash
569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sw.js HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/index.php_files/pu.swf

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
news-civuse.com/lands/38/index.php_files/pu.swf
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1953 bytes)
Hash
6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css

193.108.118.121

200 OK

8.2 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
8.2 kB (8220 bytes)
Hash
09a3857817c56da56ca915546555bb33
4eef039030de077e7e63d2894f7d0951b1e137c8
44b605c2a3dcc7994d49fb945c6731ed8f03fc7154ab70f7c805c5b6e810e07f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg

193.108.118.121

200 OK

234 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size
234 kB (234218 bytes)
Hash
60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.19.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62031)
Size
20 kB (20174 bytes)
Hash
1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44

HTTP Headers

GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:03 GMT
age: 7654110
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.15.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.15.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (61994)
Size
20 kB (20163 bytes)
Hash
630573cba95f68cf0b327187fb13c020
d43f4f70268aa019fc4d2627cd477864dc291271
ece93676dd48b988b7f480f72442e66e243ed2d1a5989ed742687391c1f21ef6

HTTP Headers

GET /7.15.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://news-civuse.com
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 08:56:47 GMT
last-modified: Mon, 10 Oct 2022 12:23:16 GMT
etag: "630573cba95f68cf0b327187fb13c020"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:03 GMT
age: 5957176
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20163
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=13260
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=17421
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201504/13/47540711/original/3.jpg

205.185.208.60

200 OK

13 kB

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201504/13/47540711/original/3.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 258x145, components 3\012- data
Size
13 kB (13332 bytes)
Hash
dce82d44b4b11da45323c7fb3d48f2e8
1f89ba9a7c5f9bb914f4d9a8546119f68f7ddcfc
71035bfb92d2af8dd1b035d0b27b853e08adfc90b0c248d1ce3a131cf7631601

HTTP Headers

GET /m=ecuK8daaaa/videos/201504/13/47540711/original/3.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 07:43:03 GMT
etag: "1576646962"
content-length: 13332
content-type: image/jpeg
last-modified: Wed, 18 Dec 2019 05:29:22 GMT
accept-ranges: bytes
cache-control: max-age=10377942
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds240.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=20259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=1577
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=5484
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=23824
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=12683
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/lp.js

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
1.news-civuse.com/lands/38/lp.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
Unicode text, UTF-8 text
Size
1.4 kB (1418 bytes)
Hash
8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/lp.js HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/revopush.js?v=4

193.108.118.121

200 OK

10 kB

URL HTTP/2
1.news-civuse.com/revopush.js?v=4
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (9954), with no line terminators
Size
10 kB (9954 bytes)
Hash
fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

HTTP Headers

GET /revopush.js?v=4 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4028), with no line terminators
Size
4.0 kB (4028 bytes)
Hash
64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css

193.108.118.121

200 OK

6.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (5955), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (8327), with no line terminators
Size
8.3 kB (8327 bytes)
Hash
8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png

193.108.118.121

200 OK

12 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12136 bytes)
Hash
833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png

193.108.118.121

200 OK

22 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21724 bytes)
Hash
19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg

193.108.118.121

200 OK

28 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Size
28 kB (27900 bytes)
Hash
c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg

193.108.118.121

200 OK

17 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Size
17 kB (17350 bytes)
Hash
215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
12 kB (12525 bytes)
Hash
ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg

193.108.118.121

200 OK

11 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
11 kB (11238 bytes)
Hash
2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/jquery-3.2.1.min.js

193.108.118.121

200 OK

44 kB

URL HTTP/2
news-civuse.com/lands/38/jquery-3.2.1.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
44 kB (43683 bytes)
Hash
38faff69cd8157ed3c0a0d868e68a2a9
5465ed29ad1a94d1e814320d62fee0f3c0601ebc
daf4345390a416fed7687b23a7315b2beab514067e1107b99882c65b1821d6eb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg

193.108.118.121

200 OK

13 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
13 kB (13106 bytes)
Hash
99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=13260
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg

193.108.118.121

200 OK

18 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
18 kB (17978 bytes)
Hash
10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=20259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 116 x 86\012- data
Size
2.4 kB (2350 bytes)
Hash
ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg

193.108.118.121

200 OK

9.6 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg

193.108.118.121

200 OK

15 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Size
15 kB (14653 bytes)
Hash
bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg

193.108.118.121

200 OK

10 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Size
10 kB (10352 bytes)
Hash
1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=1577
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg

193.108.118.121

200 OK

9.9 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg

193.108.118.121

200 OK

8.9 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
12 kB (12127 bytes)
Hash
081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=5484
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png

193.108.118.121

200 OK

20 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19948 bytes)
Hash
e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=12683
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif

193.108.118.121

200 OK

15 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 64 x 64\012- data
Size
15 kB (14574 bytes)
Hash
571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=17421
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
3.8 kB (3829 bytes)
Hash
d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=23824
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg

193.108.118.121

200 OK

24 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Size
24 kB (23598 bytes)
Hash
ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1889 bytes)
Hash
ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1394 bytes)
Hash
609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.2 kB (1191 bytes)
Hash
1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0

144.76.158.184

429 Too Many Requests

162 B

URL HTTP/1.1
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP
144.76.158.184:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae

HTTP Headers

POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 136
Origin: https://news-civuse.com
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:03 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg

193.108.118.121

200 OK

1.7 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.7 kB (1729 bytes)
Hash
3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1441 bytes)
Hash
47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1809 bytes)
Hash
f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1902 bytes)
Hash
16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg

193.108.118.121

200 OK

1.1 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Size
1.1 kB (1085 bytes)
Hash
01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
2.4 kB (2350 bytes)
Hash
ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
2.0 kB (1979 bytes)
Hash
3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg

193.108.118.121

200 OK

3.1 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
3.1 kB (3063 bytes)
Hash
cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1758 bytes)
Hash
52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1373 bytes)
Hash
a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38

193.108.118.121

200 OK

11 kB

URL HTTP/2
news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
11 kB (10828 bytes)
Hash
993e7043a962b3932dbc23eeb842d357
aa911dc217366213b25b4d82293e95f9a1cf1bea
3bd131dc259f18b82d398ff06da63ccaeaa9629a58540fe2d566746dc3870ff8

HTTP Headers

GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/jquery-3.2.1.min.js

193.108.118.121

200 OK

31 kB

URL HTTP/2
1.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
31 kB (31224 bytes)
Hash
7a99c8fc412370c6736820f33c83172b
6c1e1f2e34817deddde513881baed016f93915e6
daeb19f236c7dc9a9e71849ce1f50bcd14db5338d4d311ba208d7c655b2f0120

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css

193.108.118.121

200 OK

6.2 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
6.2 kB (6161 bytes)
Hash
26c8a9c9a1b5ae6f4479f3df9e14bac0
1faff49e20c35bae164207fdd234c150e3b5de7f
fb2e52f3679422ed27b5dcb937ed9f397806020bcf0cad9ce74be11b4cf86bb7

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg

193.108.118.121

200 OK

841 B

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
841 B (841 bytes)
Hash
9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css

193.108.118.121

200 OK

13 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
13 kB (13266 bytes)
Hash
04ad7b45329d2c0b103522c2619e9658
5d58ee7f7ac86608fc3c3bd6f5b12226327e3110
f1131e38ca67ceca2a036f87d46d0a052ea50d38eed4469994a9bb1d1046b69a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg

193.108.118.121

200 OK

4.6 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Size
4.6 kB (4644 bytes)
Hash
0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4397 bytes)
Hash
58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css

193.108.118.121

200 OK

10 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
10 kB (10043 bytes)
Hash
892b6aac57c35ab1a1ccf4f554a8b6c8
0807fde7c08a64d3702fae411805c075fa14dc05
5f2461ebdb1f50b6bce05d34298ad810a00146d7abc81e709bfec5a32b05894f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js

193.108.118.121

200 OK

20 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
20 kB (19492 bytes)
Hash
bb61327c12be2131e4fd39667e1625b1
5652ad34726013866f350def02135c7244f8d82a
9a0ca42d0939591140b9678cbbfd84cfc026ee9a0c0dd3aa9b0aa8fef5089f99

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Size
4.0 kB (4035 bytes)
Hash
416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg

193.108.118.121

200 OK

8.6 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg

193.108.118.121

200 OK

5.1 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
5.1 kB (5080 bytes)
Hash
72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg

193.108.118.121

200 OK

7.9 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Size
7.9 kB (7904 bytes)
Hash
5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Size
3.8 kB (3835 bytes)
Hash
6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg

193.108.118.121

200 OK

4.7 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.7 kB (4664 bytes)
Hash
12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg

193.108.118.121

200 OK

6.8 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 88 x 31\012- data
Size
1.9 kB (1882 bytes)
Hash
2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/sw.js

193.108.118.121

200 OK

4.2 kB

URL HTTP/2
1.news-civuse.com/sw.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4168)
Size
4.2 kB (4199 bytes)
Hash
569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sw.js HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/index.php_files/pu.swf

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/index.php_files/pu.swf
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1953 bytes)
Hash
6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=13260
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=20259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=1577
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=5484
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=12683
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=17421
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:03 GMT
cache-control: max-age=23824
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842183.dop201.sk1.t,1675842183.cds232.sk1.hn,1675842183.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

317 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
317 B (317 bytes)
Hash
f6d27652a67d020ef95fc90618634887
78b7aea766f85b3156a79229d08c76961a89868a
01fa6be9f50fe1bfa7fe7d8fdec1c05a13fdbca931bb1752f2f4a4b83922df78

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:43:03 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 14:16:14 GMT
Expires: Sun, 12 Feb 2023 14:16:13 GMT
Etag: "78b7aea766f85b3156a79229d08c76961a89868a"
Cache-Control: max-age=368589,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7962bb6e7f660b49-OSL

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css

193.108.118.121

200 OK

7.5 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
7.5 kB (7474 bytes)
Hash
4a29a7232d0715bebf86fff347173ec8
e5d508580d5d8309f5cde536bf499dda3ba4de5d
5b0c059250ed6f96788447c04b80ec6b313860d7b68ec5ae0b45543abfe704f0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg

193.108.118.121

200 OK

234 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size
234 kB (234218 bytes)
Hash
60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.19.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62031)
Size
20 kB (20174 bytes)
Hash
1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44

HTTP Headers

GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:03 GMT
age: 7654111
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18452
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:43:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18452
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:43:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18452
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:43:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18452
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:43:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18452
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:43:03 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8629 bytes)
Hash
02fde25be5ded120af759d19d8304f73
8d2a4d9ab5947113ce0737d4d4bed3e30a971026
7cdf26668cca22f28eee047d3fcf30cea8d97b1d8804fe2132728f26cd11558d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8629
x-amzn-requestid: cc20d28e-3937-4826-97ef-100fb5dd2645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFn3oAMF61A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-6e764236604212fa26dab38a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GIAPTJF7sfpuubLSngEDMrowvBWW5c1xRlyVf7PQ3o6rGWdFITVioA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:15:10 GMT
etag: "8d2a4d9ab5947113ce0737d4d4bed3e30a971026"
content-type: image/jpeg
age: 34073
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9760 bytes)
Hash
18a84ae645223aba0709b5e16c0207f7
0b865e797846520ccc6fff6fb2ee38d8836bd2c0
b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: d5d8fdde-048f-4705-9fa4-99fd7d29d804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f582DETSIAMFmEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a826-52a3b175584df1914260c8ae;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wUaruDuqNDIlR6CWz9G7DAofcvS7UNmtPM7C2ve-RRbp57J43rWPxQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:09:02 GMT
age: 12841
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12216 bytes)
Hash
fe800d6af728cd622a6192ad5e7dda6a
3a301dd894fc428c7d1863c9d5eaf2652f5c2083
f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: C1EXSLUCdc9GzSKxUzv9_uWK4ZTqggdr03uVW5SWuZwVVSn2wc4k7w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 35942
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css

193.108.118.121

200 OK

42 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
42 kB (42237 bytes)
Hash
30863b433c65bed32643bf79a5f8a735
da64e4140b22da8be785ef7e01039d520c744319
97f0466c303f66ae6f0bd29eae5c750399be033ddb4229264790f7a2e4eda68f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4269 bytes)
Hash
33b061f03be149fea0df63b42a8ec226
e5e491c6ef8b6234450a34ee5df28b9a58a8ad43
a5970bbb40be173878cd2e920bd1a6ed27775fbdc222bb66ccbc5969984882f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4269
x-amzn-requestid: df152b3a-fa15-4dac-96f9-41b9ea8e5136
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkQH5PoAMFl1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c481-63636a42419209fb0c17eceb;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViawdcUij4_pKnUmO34Oaqjmbtv19ModMaku0MWYTHDeLCR1ikzB_A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 36060
etag: "e5e491c6ef8b6234450a34ee5df28b9a58a8ad43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11205 bytes)
Hash
aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 14:35:27 GMT
age: 61656
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/lp.js

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
2.news-civuse.com/lands/38/lp.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
Unicode text, UTF-8 text
Size
1.4 kB (1418 bytes)
Hash
8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/lp.js HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/revopush.js?v=4

193.108.118.121

200 OK

10 kB

URL HTTP/2
2.news-civuse.com/revopush.js?v=4
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (9954), with no line terminators
Size
10 kB (9954 bytes)
Hash
fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

HTTP Headers

GET /revopush.js?v=4 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4028), with no line terminators
Size
4.0 kB (4028 bytes)
Hash
64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css

193.108.118.121

200 OK

6.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (5955), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (8327), with no line terminators
Size
8.3 kB (8327 bytes)
Hash
8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png

193.108.118.121

200 OK

12 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12136 bytes)
Hash
833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0

144.76.158.184

429 Too Many Requests

162 B

URL HTTP/1.1
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP
144.76.158.184:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae

HTTP Headers

POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 135
Origin: https://1.news-civuse.com
Connection: keep-alive
Referer: https://1.news-civuse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:04 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png

193.108.118.121

200 OK

22 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21724 bytes)
Hash
19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg

193.108.118.121

200 OK

28 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Size
28 kB (27900 bytes)
Hash
c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg

193.108.118.121

200 OK

17 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Size
17 kB (17350 bytes)
Hash
215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=13259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
12 kB (12525 bytes)
Hash
ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg

193.108.118.121

200 OK

11 kB

URL HTTP/2
1.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
11 kB (11238 bytes)
Hash
2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg

193.108.118.121

200 OK

14 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
14 kB (13505 bytes)
Hash
9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=20258
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg

193.108.118.121

200 OK

13 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
13 kB (13106 bytes)
Hash
99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg

193.108.118.121

200 OK

16 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
16 kB (15481 bytes)
Hash
5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg

193.108.118.121

200 OK

18 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
18 kB (17978 bytes)
Hash
10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 116 x 86\012- data
Size
2.4 kB (2350 bytes)
Hash
ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=1576
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg

193.108.118.121

200 OK

9.6 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=5483
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg

193.108.118.121

200 OK

15 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Size
15 kB (14653 bytes)
Hash
bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=12682
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg

193.108.118.121

200 OK

10 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Size
10 kB (10352 bytes)
Hash
1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=17420
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg

193.108.118.121

200 OK

9.9 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg

193.108.118.121

200 OK

8.9 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
12 kB (12127 bytes)
Hash
081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png

193.108.118.121

200 OK

20 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19948 bytes)
Hash
e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=23823
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif

193.108.118.121

200 OK

15 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 64 x 64\012- data
Size
15 kB (14574 bytes)
Hash
571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
3.8 kB (3829 bytes)
Hash
d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg

193.108.118.121

200 OK

24 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Size
24 kB (23598 bytes)
Hash
ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1889 bytes)
Hash
ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1394 bytes)
Hash
609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.2 kB (1191 bytes)
Hash
1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg

193.108.118.121

200 OK

1.7 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.7 kB (1729 bytes)
Hash
3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1441 bytes)
Hash
47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1809 bytes)
Hash
f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1902 bytes)
Hash
16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg

193.108.118.121

200 OK

1.1 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Size
1.1 kB (1085 bytes)
Hash
01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
2.4 kB (2350 bytes)
Hash
ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/jquery-3.2.1.min.js

193.108.118.121

200 OK

32 kB

URL HTTP/2
2.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
32 kB (32157 bytes)
Hash
47237e0c30d0fedab08abc260a22ce46
cb0bfad358135ae703e0355bed5826cba160da8a
0385523da1cd345081b9aacc6c0d827da2a04b3db93b3c16cf1e42ee577c7472

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg

193.108.118.121

200 OK

3.1 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
3.1 kB (3063 bytes)
Hash
cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1758 bytes)
Hash
52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css

193.108.118.121

200 OK

10 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
10 kB (10214 bytes)
Hash
0b9dd427f672286e6afbe41793e5efbc
19b5221de0b657c39420189b17af7fa2fda8d4c5
b5fa54c80bbadde42e85a5e8d6fd55ea324109c5e585feca9258870a47e71ffc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1373 bytes)
Hash
a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg

193.108.118.121

200 OK

1.6 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
1.6 kB (1563 bytes)
Hash
bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1046 bytes)
Hash
96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg

193.108.118.121

200 OK

841 B

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
841 B (841 bytes)
Hash
9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2553 bytes)
Hash
950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg

193.108.118.121

200 OK

4.6 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Size
4.6 kB (4644 bytes)
Hash
0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4397 bytes)
Hash
58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg

193.108.118.121

200 OK

7.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Size
7.0 kB (6972 bytes)
Hash
2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg

193.108.118.121

200 OK

4.3 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
4.3 kB (4315 bytes)
Hash
365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Size
4.0 kB (4035 bytes)
Hash
416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg

193.108.118.121

200 OK

8.6 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg

193.108.118.121

200 OK

5.1 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
5.1 kB (5080 bytes)
Hash
72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg

193.108.118.121

200 OK

7.9 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Size
7.9 kB (7904 bytes)
Hash
5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Size
3.8 kB (3835 bytes)
Hash
6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg

193.108.118.121

200 OK

4.7 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.7 kB (4664 bytes)
Hash
12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg

193.108.118.121

200 OK

6.8 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 88 x 31\012- data
Size
1.9 kB (1882 bytes)
Hash
2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/sw.js

193.108.118.121

200 OK

4.2 kB

URL HTTP/2
2.news-civuse.com/sw.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4168)
Size
4.2 kB (4199 bytes)
Hash
569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sw.js HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/index.php_files/pu.swf

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/index.php_files/pu.swf
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1953 bytes)
Hash
6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=13259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=20258
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=1576
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=5483
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=12682
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=17420
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=23823
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg

193.108.118.121

200 OK

234 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size
234 kB (234218 bytes)
Hash
60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css

193.108.118.121

200 OK

8.2 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
8.2 kB (8220 bytes)
Hash
09a3857817c56da56ca915546555bb33
4eef039030de077e7e63d2894f7d0951b1e137c8
44b605c2a3dcc7994d49fb945c6731ed8f03fc7154ab70f7c805c5b6e810e07f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.19.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62031)
Size
20 kB (20174 bytes)
Hash
1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44

HTTP Headers

GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:04 GMT
age: 7654111
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/favicon.png

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
2.news-civuse.com/lands/38/favicon.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1233 bytes)
Hash
e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50

HTTP Headers

GET /lands/38/favicon.png HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/lp.js

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
3.news-civuse.com/lands/38/lp.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
Unicode text, UTF-8 text
Size
1.4 kB (1418 bytes)
Hash
8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/lp.js HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/revopush.js?v=4

193.108.118.121

200 OK

10 kB

URL HTTP/2
3.news-civuse.com/revopush.js?v=4
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (9954), with no line terminators
Size
10 kB (9954 bytes)
Hash
fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

HTTP Headers

GET /revopush.js?v=4 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4028), with no line terminators
Size
4.0 kB (4028 bytes)
Hash
64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38

193.108.118.121

200 OK

36 kB

URL HTTP/2
2.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
36 kB (35959 bytes)
Hash
792eec61ff2516f9e786d63e1086ac07
92aa320e035635fc6842dff713aee3dbde67655c
0c01c10aa97cf140dec14a12cf6892d696a781ea8034142ddb506ee7b576a31b

HTTP Headers

GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css

193.108.118.121

200 OK

6.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (5955), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (8327), with no line terminators
Size
8.3 kB (8327 bytes)
Hash
8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png

193.108.118.121

200 OK

12 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12136 bytes)
Hash
833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png

193.108.118.121

200 OK

22 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21724 bytes)
Hash
19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg

193.108.118.121

200 OK

28 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Size
28 kB (27900 bytes)
Hash
c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg

193.108.118.121

200 OK

17 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Size
17 kB (17350 bytes)
Hash
215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg

12 kB

URL
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP
:0
ASN
#0

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
12 kB (12525 bytes)
Hash
ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg

193.108.118.121

200 OK

11 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
11 kB (11238 bytes)
Hash
2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg

193.108.118.121

200 OK

14 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
14 kB (13505 bytes)
Hash
9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg

193.108.118.121

200 OK

13 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
13 kB (13106 bytes)
Hash
99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg

193.108.118.121

200 OK

16 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
16 kB (15481 bytes)
Hash
5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg

193.108.118.121

200 OK

18 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
18 kB (17978 bytes)
Hash
10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 116 x 86\012- data
Size
2.4 kB (2350 bytes)
Hash
ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg

193.108.118.121

200 OK

9.6 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg

193.108.118.121

200 OK

15 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Size
15 kB (14653 bytes)
Hash
bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg

193.108.118.121

200 OK

10 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Size
10 kB (10352 bytes)
Hash
1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/jquery-3.2.1.min.js

193.108.118.121

200 OK

40 kB

URL HTTP/2
3.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
40 kB (40092 bytes)
Hash
a5a035d418f1c98c6dd1b5311cc8389d
67e9a9e08fa1c82fd668377d5a5d198750b8d18b
771f9b800926e9262eec139cfc221518c857ce6eebd67215e892ad29decd411f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=13259
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css

193.108.118.121

200 OK

11 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
11 kB (10722 bytes)
Hash
a0bd8fc4369589e155458ef80626040b
1bca34e4cf03de587d454580868a132b0957b873
160cca693a3e0a0a865b6c811a4a2e49983b06f3454d50bcb883e5dcc7137b48

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=1576
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=

193.108.118.121

200 OK

39 kB

URL HTTP/2
2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
39 kB (38778 bytes)
Hash
0c8661a8942115404d9e13649d92dd18
45ccb507a41f9be8c71a597833da469f6e4b458c
bb03c89e87299b9ae58e93d4e2fe79cada2623178419d00443d4953af4ef2cdf

HTTP Headers

GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:04 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css

193.108.118.121

200 OK

5.3 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
5.3 kB (5283 bytes)
Hash
a5804562fb31668fa149b7b9c0620034
89494d5e286d7246d643fd1b10007e4112a2de8b
46e7b1862cfc231947c65b59a32333f08851d2469b7eca150a00833486de9410

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css

193.108.118.121

200 OK

18 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
18 kB (18054 bytes)
Hash
edfc900e8b3d847808c25f9f43544113
9addd7b820d2e2ad503be8a4f32b1125987f4cb2
0377d19dc05d393a33f9b0fa98b5612b5172cb1a66a673162cfd95462736ec00

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
12 kB (12127 bytes)
Hash
081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css

193.108.118.121

200 OK

52 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
52 kB (52127 bytes)
Hash
48955885180897751b8095ce9e03fb8a
8e18e4fab5c2514663bf1f572b1582e439d31896
cbb13362fea9ecae84dc4221391c484f63ff8483d7d3891e83eaac092a60cf60

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif

193.108.118.121

200 OK

15 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 64 x 64\012- data
Size
15 kB (14574 bytes)
Hash
571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
3.8 kB (3829 bytes)
Hash
d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg

193.108.118.121

200 OK

24 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Size
24 kB (23598 bytes)
Hash
ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:04 GMT
cache-control: max-age=17420
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842184.dop201.sk1.t,1675842184.cds232.sk1.hn,1675842184.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css

193.108.118.121

200 OK

32 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
32 kB (32188 bytes)
Hash
e775e9d6fb489e8292ab592b55bb8e57
4a968dae9ef6c025b655ce8fa9c2f51a5058098c
435e00d163ce0c23d1ca047cc9854375d3775339d28345b366d49b1905b178f5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1889 bytes)
Hash
ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css

193.108.118.121

200 OK

6.7 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
6.7 kB (6668 bytes)
Hash
aae89e95d4f9d9a49823ec325f2ffd43
cd6cf756a4368a2cc7ad9c38916629314c1e8acb
c2ae5810d291a891a368c72b104125df425f942f9e1c05eb7c80309d8311df31

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.2 kB (1191 bytes)
Hash
1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg

193.108.118.121

200 OK

1.7 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.7 kB (1729 bytes)
Hash
3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1441 bytes)
Hash
47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js

193.108.118.121

200 OK

17 kB

URL HTTP/2
2.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
17 kB (16986 bytes)
Hash
a12e8ee1fa1ef71acc11895f06c89f01
e1a2d57787e5ece3580084bde73b74cacb9797f6
459879a1857cb425aa3adf9a0adc8862f2adbf06d8c0e064983aa281a59490bc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 2.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1902 bytes)
Hash
16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg

193.108.118.121

200 OK

1.1 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Size
1.1 kB (1085 bytes)
Hash
01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
2.4 kB (2350 bytes)
Hash
ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css

193.108.118.121

200 OK

13 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
13 kB (12692 bytes)
Hash
71a09fd423d03523e836dfdce6adc335
aeb3b1ce25e3b8f27edfee2d9e88875c472b48a2
8505ec15da9ba12c3ca91ba9ce4be41af7dec5379eee4f7d76fabdc958fe9519

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css

193.108.118.121

200 OK

6.1 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
6.1 kB (6134 bytes)
Hash
d80f2f7a42e56657afe80e64778b4c50
5c90f44f03094501e4c82097b6f7738f9f16c786
32dd8bb782d745fa221bad514ecd115017b2f26fe100ccc9aaa710751420260c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1758 bytes)
Hash
52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1373 bytes)
Hash
a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg

193.108.118.121

200 OK

1.6 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
1.6 kB (1563 bytes)
Hash
bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1046 bytes)
Hash
96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg

193.108.118.121

200 OK

841 B

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
841 B (841 bytes)
Hash
9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2553 bytes)
Hash
950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg

193.108.118.121

200 OK

4.6 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Size
4.6 kB (4644 bytes)
Hash
0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4397 bytes)
Hash
58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg

193.108.118.121

200 OK

7.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Size
7.0 kB (6972 bytes)
Hash
2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg

193.108.118.121

200 OK

4.3 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
4.3 kB (4315 bytes)
Hash
365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Size
4.0 kB (4035 bytes)
Hash
416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg

193.108.118.121

200 OK

8.6 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg

193.108.118.121

200 OK

5.1 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
5.1 kB (5080 bytes)
Hash
72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg

193.108.118.121

200 OK

7.9 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Size
7.9 kB (7904 bytes)
Hash
5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Size
3.8 kB (3835 bytes)
Hash
6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg

193.108.118.121

200 OK

4.7 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.7 kB (4664 bytes)
Hash
12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg

193.108.118.121

200 OK

6.8 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 88 x 31\012- data
Size
1.9 kB (1882 bytes)
Hash
2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/sw.js

193.108.118.121

200 OK

4.2 kB

URL HTTP/2
3.news-civuse.com/sw.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4168)
Size
4.2 kB (4199 bytes)
Hash
569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sw.js HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=13258
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/index.php_files/pu.swf

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/index.php_files/pu.swf
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1953 bytes)
Hash
6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=20257
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=1575
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=5482
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=12681
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=17419
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=23822
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg

193.108.118.121

200 OK

234 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size
234 kB (234218 bytes)
Hash
60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.19.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62031)
Size
20 kB (20174 bytes)
Hash
1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44

HTTP Headers

GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:05 GMT
age: 7654112
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/favicon.png

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
3.news-civuse.com/lands/38/favicon.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1233 bytes)
Hash
e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50

HTTP Headers

GET /lands/38/favicon.png HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css

193.108.118.121

200 OK

7.7 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
7.7 kB (7659 bytes)
Hash
b1582ad9a83a227028dade6f5b3512ae
b348cb790f6c4ac837b8553dffd63a275401a07f
48d4cc8779a804c02fdf060b477a0871d9202146ac37334254d07b4c527c23b4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

4.news-civuse.com/revopush.js?v=4

193.108.118.121

200 OK

10 kB

URL HTTP/2
4.news-civuse.com/revopush.js?v=4
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (9954), with no line terminators
Size
10 kB (9954 bytes)
Hash
fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

HTTP Headers

GET /revopush.js?v=4 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4028), with no line terminators
Size
4.0 kB (4028 bytes)
Hash
64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css

193.108.118.121

200 OK

6.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (5955), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (8327), with no line terminators
Size
8.3 kB (8327 bytes)
Hash
8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png

193.108.118.121

200 OK

12 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12136 bytes)
Hash
833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png

193.108.118.121

200 OK

22 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21724 bytes)
Hash
19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg

193.108.118.121

200 OK

28 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Size
28 kB (27900 bytes)
Hash
c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg

193.108.118.121

200 OK

17 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Size
17 kB (17350 bytes)
Hash
215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
12 kB (12525 bytes)
Hash
ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg

193.108.118.121

200 OK

11 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
11 kB (11238 bytes)
Hash
2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg

193.108.118.121

200 OK

14 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
14 kB (13505 bytes)
Hash
9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg

193.108.118.121

200 OK

13 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
13 kB (13106 bytes)
Hash
99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg

193.108.118.121

200 OK

16 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
16 kB (15481 bytes)
Hash
5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg

193.108.118.121

200 OK

18 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
18 kB (17978 bytes)
Hash
10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=13258
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

3.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38

193.108.118.121

200 OK

258 B

URL HTTP/2
3.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
258 B (258 bytes)
Hash
81cb47fd5e709fc77e52147a8965b64b
0a012ceb0c3df44b13dfc801c79f876f79d4d0ff
d5d8d63d3ff51f9a568cbe25b785d2f30a9b8a65564ef28a91115526158f0d09

HTTP Headers

GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 116 x 86\012- data
Size
2.4 kB (2350 bytes)
Hash
ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=20257
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg

193.108.118.121

200 OK

9.6 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=1575
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg

193.108.118.121

200 OK

15 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Size
15 kB (14653 bytes)
Hash
bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=5482
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg

193.108.118.121

200 OK

10 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Size
10 kB (10352 bytes)
Hash
1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=12681
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=17419
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=23822
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg

193.108.118.121

200 OK

9.9 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg

193.108.118.121

200 OK

8.9 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
12 kB (12127 bytes)
Hash
081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png

193.108.118.121

200 OK

20 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19948 bytes)
Hash
e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif

193.108.118.121

200 OK

15 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 64 x 64\012- data
Size
15 kB (14574 bytes)
Hash
571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
3.8 kB (3829 bytes)
Hash
d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg

193.108.118.121

200 OK

24 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Size
24 kB (23598 bytes)
Hash
ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1889 bytes)
Hash
ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1394 bytes)
Hash
609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.2 kB (1191 bytes)
Hash
1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg

193.108.118.121

200 OK

1.7 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.7 kB (1729 bytes)
Hash
3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1441 bytes)
Hash
47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1809 bytes)
Hash
f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1902 bytes)
Hash
16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg

193.108.118.121

200 OK

1.1 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Size
1.1 kB (1085 bytes)
Hash
01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
2.4 kB (2350 bytes)
Hash
ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
2.0 kB (1979 bytes)
Hash
3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg

193.108.118.121

200 OK

3.1 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
3.1 kB (3063 bytes)
Hash
cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1758 bytes)
Hash
52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1373 bytes)
Hash
a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg

193.108.118.121

200 OK

1.6 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
1.6 kB (1563 bytes)
Hash
bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1046 bytes)
Hash
96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg

193.108.118.121

200 OK

841 B

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
841 B (841 bytes)
Hash
9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2553 bytes)
Hash
950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg

193.108.118.121

200 OK

4.6 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Size
4.6 kB (4644 bytes)
Hash
0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4397 bytes)
Hash
58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg

193.108.118.121

200 OK

7.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Size
7.0 kB (6972 bytes)
Hash
2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg

193.108.118.121

200 OK

4.3 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
4.3 kB (4315 bytes)
Hash
365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Size
4.0 kB (4035 bytes)
Hash
416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg

193.108.118.121

200 OK

8.6 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg

193.108.118.121

200 OK

5.1 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
5.1 kB (5080 bytes)
Hash
72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg

193.108.118.121

200 OK

7.9 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Size
7.9 kB (7904 bytes)
Hash
5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Size
3.8 kB (3835 bytes)
Hash
6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg

193.108.118.121

200 OK

4.7 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.7 kB (4664 bytes)
Hash
12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg

193.108.118.121

200 OK

6.8 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 88 x 31\012- data
Size
1.9 kB (1882 bytes)
Hash
2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/sw.js

193.108.118.121

200 OK

4.2 kB

URL HTTP/2
4.news-civuse.com/sw.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4168)
Size
4.2 kB (4199 bytes)
Hash
569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sw.js HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/index.php_files/pu.swf

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/index.php_files/pu.swf
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1953 bytes)
Hash
6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=13258
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=20257
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=1575
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=5482
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css

193.108.118.121

200 OK

6.3 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
6.3 kB (6250 bytes)
Hash
4017230a30fd2de81422baf57cc42ff6
70e0ec756de5ff3e7da696aa5b187f4344793bd0
c4a26437ec996731964beb8292fea2593d775e127586b4ae54e1b974b885a1b4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=12681
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:05 GMT
cache-control: max-age=23822
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842185.dop201.sk1.t,1675842185.cds232.sk1.hn,1675842185.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg

193.108.118.121

200 OK

234 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size
234 kB (234218 bytes)
Hash
60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.19.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62031)
Size
20 kB (20174 bytes)
Hash
1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44

HTTP Headers

GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:06 GMT
age: 7654113
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/favicon.png

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
4.news-civuse.com/lands/38/favicon.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1233 bytes)
Hash
e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50

HTTP Headers

GET /lands/38/favicon.png HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/lp.js

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
5.news-civuse.com/lands/38/lp.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
Unicode text, UTF-8 text
Size
1.4 kB (1418 bytes)
Hash
8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/lp.js HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/revopush.js?v=4

193.108.118.121

200 OK

10 kB

URL HTTP/2
5.news-civuse.com/revopush.js?v=4
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (9954), with no line terminators
Size
10 kB (9954 bytes)
Hash
fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

HTTP Headers

GET /revopush.js?v=4 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4028), with no line terminators
Size
4.0 kB (4028 bytes)
Hash
64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css

193.108.118.121

200 OK

6.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (5955), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (8327), with no line terminators
Size
8.3 kB (8327 bytes)
Hash
8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png

193.108.118.121

200 OK

12 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12136 bytes)
Hash
833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=

193.108.118.121

200 OK

67 kB

URL HTTP/2
4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
67 kB (66593 bytes)
Hash
c64185fd042e027cee70d91b726b4827
449df038ad946b21d376c463cda0da151ee70c0d
4a7fc9125c7eea72707572bf5561804ccac45fc9047b8e5cbcc4ce9ef623b583

HTTP Headers

GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:05 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css

193.108.118.121

200 OK

60 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
60 kB (60079 bytes)
Hash
32c8104a7e0e416c57b614cc3f00455e
842f99f746ecb1610b1d7a8d10501733cec0a3ba
a160c686a2a97e90b39774f9f182ec9d727ccce2f781eaf4d45d770e645506c5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg

193.108.118.121

200 OK

17 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Size
17 kB (17350 bytes)
Hash
215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
12 kB (12525 bytes)
Hash
ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css

193.108.118.121

200 OK

16 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
16 kB (16512 bytes)
Hash
7d2f4cac627b252599add0115cee197e
d9b9d55fbbc9b2917c40f71a4d6d26aa43d5ea9f
359f6326fd88335977d492fd532c3fddc2cfd2b2c025ea904c384348c98ab2bb

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg

193.108.118.121

200 OK

14 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
14 kB (13505 bytes)
Hash
9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg

193.108.118.121

200 OK

13 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
13 kB (13106 bytes)
Hash
99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg

193.108.118.121

200 OK

16 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
16 kB (15481 bytes)
Hash
5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg

193.108.118.121

200 OK

18 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
18 kB (17978 bytes)
Hash
10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 116 x 86\012- data
Size
2.4 kB (2350 bytes)
Hash
ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg

193.108.118.121

200 OK

9.6 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg

193.108.118.121

200 OK

15 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Size
15 kB (14653 bytes)
Hash
bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css

193.108.118.121

200 OK

21 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
21 kB (21065 bytes)
Hash
3138cc1cff02d3f560f4b65dbf1af266
a147c2382f1dfd550aa397a84aaef5a6f9e8e6e1
89ea55f0185574c7bdd4d8248103ef9d8a0431870da53bb792357a6d664e0292

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=13257
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg

193.108.118.121

200 OK

9.9 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=20256
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=1574
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg

193.108.118.121

200 OK

8.9 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=5481
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=12680
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css

193.108.118.121

200 OK

15 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
15 kB (15198 bytes)
Hash
6132361884c152e15cbd028d356d809e
c8d6fa48f4305ea002b94939384ae37608e6bdb8
b114fe2f4518ad3d566c288c00814ceb29ac62cc930cfa382d59201d79823886

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=17418
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png

193.108.118.121

200 OK

20 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19948 bytes)
Hash
e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif

193.108.118.121

200 OK

15 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 64 x 64\012- data
Size
15 kB (14574 bytes)
Hash
571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
3.8 kB (3829 bytes)
Hash
d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=23821
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg

193.108.118.121

200 OK

24 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Size
24 kB (23598 bytes)
Hash
ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1889 bytes)
Hash
ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1394 bytes)
Hash
609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.2 kB (1191 bytes)
Hash
1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0

144.76.158.184

429 Too Many Requests

162 B

URL HTTP/1.1
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP
144.76.158.184:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae

HTTP Headers

POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 136
Origin: https://4.news-civuse.com
Connection: keep-alive
Referer: https://4.news-civuse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:06 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg

193.108.118.121

200 OK

1.7 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.7 kB (1729 bytes)
Hash
3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1441 bytes)
Hash
47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1809 bytes)
Hash
f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1902 bytes)
Hash
16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg

193.108.118.121

200 OK

1.1 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Size
1.1 kB (1085 bytes)
Hash
01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
2.4 kB (2350 bytes)
Hash
ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
2.0 kB (1979 bytes)
Hash
3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg

193.108.118.121

200 OK

3.1 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
3.1 kB (3063 bytes)
Hash
cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1758 bytes)
Hash
52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1373 bytes)
Hash
a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg

193.108.118.121

200 OK

1.6 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
1.6 kB (1563 bytes)
Hash
bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1046 bytes)
Hash
96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg

193.108.118.121

200 OK

841 B

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
841 B (841 bytes)
Hash
9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2553 bytes)
Hash
950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg

193.108.118.121

200 OK

4.6 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Size
4.6 kB (4644 bytes)
Hash
0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4397 bytes)
Hash
58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg

193.108.118.121

200 OK

7.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Size
7.0 kB (6972 bytes)
Hash
2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg

193.108.118.121

200 OK

4.3 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
4.3 kB (4315 bytes)
Hash
365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Size
4.0 kB (4035 bytes)
Hash
416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg

193.108.118.121

200 OK

8.6 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg

193.108.118.121

200 OK

5.1 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
5.1 kB (5080 bytes)
Hash
72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg

193.108.118.121

200 OK

7.9 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Size
7.9 kB (7904 bytes)
Hash
5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Size
3.8 kB (3835 bytes)
Hash
6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg

193.108.118.121

200 OK

4.7 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.7 kB (4664 bytes)
Hash
12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg

193.108.118.121

200 OK

6.8 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 88 x 31\012- data
Size
1.9 kB (1882 bytes)
Hash
2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/sw.js

193.108.118.121

200 OK

4.2 kB

URL HTTP/2
5.news-civuse.com/sw.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4168)
Size
4.2 kB (4199 bytes)
Hash
569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sw.js HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/index.php_files/pu.swf

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/index.php_files/pu.swf
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1953 bytes)
Hash
6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=13257
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=20256
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=1574
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=5481
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=12680
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:06 GMT
cache-control: max-age=17418
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842186.dop201.sk1.t,1675842186.cds232.sk1.hn,1675842186.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css

193.108.118.121

200 OK

6.3 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
6.3 kB (6250 bytes)
Hash
4017230a30fd2de81422baf57cc42ff6
70e0ec756de5ff3e7da696aa5b187f4344793bd0
c4a26437ec996731964beb8292fea2593d775e127586b4ae54e1b974b885a1b4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg

193.108.118.121

200 OK

234 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size
234 kB (234218 bytes)
Hash
60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/favicon.png

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
5.news-civuse.com/lands/38/favicon.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1233 bytes)
Hash
e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50

HTTP Headers

GET /lands/38/favicon.png HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.19.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62031)
Size
20 kB (20174 bytes)
Hash
1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44

HTTP Headers

GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:06 GMT
age: 7654114
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2

errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0

144.76.158.184

429 Too Many Requests

162 B

URL HTTP/1.1
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP
144.76.158.184:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae

HTTP Headers

POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 136
Origin: https://5.news-civuse.com
Connection: keep-alive
Referer: https://5.news-civuse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

6.news-civuse.com/lands/38/lp.js

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
6.news-civuse.com/lands/38/lp.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
Unicode text, UTF-8 text
Size
1.4 kB (1418 bytes)
Hash
8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/lp.js HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/revopush.js?v=4

193.108.118.121

200 OK

10 kB

URL HTTP/2
6.news-civuse.com/revopush.js?v=4
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (9954), with no line terminators
Size
10 kB (9954 bytes)
Hash
fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

HTTP Headers

GET /revopush.js?v=4 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4028), with no line terminators
Size
4.0 kB (4028 bytes)
Hash
64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css

193.108.118.121

200 OK

6.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (5955), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (8327), with no line terminators
Size
8.3 kB (8327 bytes)
Hash
8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css

193.108.118.121

200 OK

44 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
44 kB (44315 bytes)
Hash
d50bf3d8c50f1a241b063cb47fba6e9d
a007edfbdad344a9b5a0abe8ea11d0bf5c8a9ba0
864ac06ee263fddc1ba10a5b353b0f4c268894c81ef9a1897045797063e4c8ce

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png

193.108.118.121

200 OK

22 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21724 bytes)
Hash
19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg

193.108.118.121

200 OK

28 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Size
28 kB (27900 bytes)
Hash
c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg

193.108.118.121

200 OK

17 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Size
17 kB (17350 bytes)
Hash
215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
12 kB (12525 bytes)
Hash
ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=13256
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/jquery-3.2.1.min.js

193.108.118.121

200 OK

41 kB

URL HTTP/2
5.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
41 kB (41416 bytes)
Hash
b383d8d2d834243b6608f9e319bc827b
7566f4226ca85a11da318fee862c2fa574df8592
f1905749666498478245f03878ab672a668bd4d230076305fd725d1b7ea77b54

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=20255
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=1573
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg

193.108.118.121

200 OK

14 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
14 kB (13505 bytes)
Hash
9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=5480
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css

193.108.118.121

200 OK

24 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
24 kB (23819 bytes)
Hash
35ad7142cfd8ada78724e9f9a06da410
ee980db6bce929b6ef9ddd7a69c550a4b939f24b
bdee9356af1e213888b40d1b4afa2e014edf7ed98575dd8d6b6efe97ba357c26

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=17417
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

4.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38

193.108.118.121

200 OK

25 kB

URL HTTP/2
4.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
25 kB (24746 bytes)
Hash
8b795c2b91a6b43ad572e74520f6e107
e405eb0b864f5ebc9bbefe43bf8cb9e39d1e5258
5f7db99273d3d30979c6612befaea09147ef1395cd185e709ef6570a8c35f20c

HTTP Headers

GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/jquery-3.2.1.min.js

193.108.118.121

200 OK

45 kB

URL HTTP/2
4.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
45 kB (45364 bytes)
Hash
d3d70b4e5e650c184bc241b51c878759
1a2a11eeaa65028f331b74c62e31f786d77dbb90
12ec3a96d554277a2196a80d1837a592b519e83f417ec0f8a6676cd0e9b92ac1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg

193.108.118.121

200 OK

18 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
18 kB (17978 bytes)
Hash
10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=23820
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 116 x 86\012- data
Size
2.4 kB (2350 bytes)
Hash
ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg

193.108.118.121

200 OK

9.6 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg

193.108.118.121

200 OK

15 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Size
15 kB (14653 bytes)
Hash
bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg

193.108.118.121

200 OK

10 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Size
10 kB (10352 bytes)
Hash
1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg

193.108.118.121

200 OK

9.9 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg

193.108.118.121

200 OK

8.9 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
12 kB (12127 bytes)
Hash
081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png

193.108.118.121

200 OK

20 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19948 bytes)
Hash
e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif

193.108.118.121

200 OK

15 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 64 x 64\012- data
Size
15 kB (14574 bytes)
Hash
571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
3.8 kB (3829 bytes)
Hash
d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg

193.108.118.121

200 OK

24 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Size
24 kB (23598 bytes)
Hash
ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
4.0 kB (3958 bytes)
Hash
58f45cb856dfa07dda99194fc06a97a0
0fbd28090d0a450a91ef994a68d2de8c083cbc4b
7dfa83341ace1c46f9de4515aa024521e33b5401fc9d254658d200d7f6d9870f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1889 bytes)
Hash
ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1394 bytes)
Hash
609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.2 kB (1191 bytes)
Hash
1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg

193.108.118.121

200 OK

1.7 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.7 kB (1729 bytes)
Hash
3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1441 bytes)
Hash
47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1809 bytes)
Hash
f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1902 bytes)
Hash
16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg

193.108.118.121

200 OK

1.1 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Size
1.1 kB (1085 bytes)
Hash
01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js

193.108.118.121

200 OK

18 kB

URL HTTP/2
4.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
18 kB (17527 bytes)
Hash
716c8dbe856fe8c17a861b03dd55ca3c
0a4644945e82115e5acfdcd0f3d15be32baedf60
7f96a991d6eda92522c7899a3a168098075e49677df59d7e2ce5b39c06ec8cb1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 4.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:05 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
2.0 kB (1979 bytes)
Hash
3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg

193.108.118.121

200 OK

3.1 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
3.1 kB (3063 bytes)
Hash
cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1758 bytes)
Hash
52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1373 bytes)
Hash
a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg

193.108.118.121

200 OK

1.6 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
1.6 kB (1563 bytes)
Hash
bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1046 bytes)
Hash
96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg

193.108.118.121

200 OK

841 B

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
841 B (841 bytes)
Hash
9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2553 bytes)
Hash
950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg

193.108.118.121

200 OK

4.6 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Size
4.6 kB (4644 bytes)
Hash
0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4397 bytes)
Hash
58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg

193.108.118.121

200 OK

7.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Size
7.0 kB (6972 bytes)
Hash
2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg

193.108.118.121

200 OK

4.3 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
4.3 kB (4315 bytes)
Hash
365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Size
4.0 kB (4035 bytes)
Hash
416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg

193.108.118.121

200 OK

8.6 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg

193.108.118.121

200 OK

5.1 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
5.1 kB (5080 bytes)
Hash
72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg

193.108.118.121

200 OK

7.9 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Size
7.9 kB (7904 bytes)
Hash
5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Size
3.8 kB (3835 bytes)
Hash
6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg

193.108.118.121

200 OK

4.7 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.7 kB (4664 bytes)
Hash
12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg

193.108.118.121

200 OK

6.8 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 88 x 31\012- data
Size
1.9 kB (1882 bytes)
Hash
2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css

193.108.118.121

200 OK

13 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
13 kB (13368 bytes)
Hash
cbf24afd88ae740f7af2d1fc54951d5a
92549eac63c65aa59e87592ee546158249ab3e82
ede287d5f255c962af499a77f1a2a6d6f37c0600f59190fe52b816b922a1ef64

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/index.php_files/pu.swf

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/index.php_files/pu.swf
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1953 bytes)
Hash
6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=13256
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css

193.108.118.121

200 OK

11 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
11 kB (10722 bytes)
Hash
a0bd8fc4369589e155458ef80626040b
1bca34e4cf03de587d454580868a132b0957b873
160cca693a3e0a0a865b6c811a4a2e49983b06f3454d50bcb883e5dcc7137b48

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=1573
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=5480
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=12679
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=17417
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:07 GMT
cache-control: max-age=23820
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842187.dop201.sk1.t,1675842187.cds232.sk1.hn,1675842187.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0

144.76.158.184

429 Too Many Requests

162 B

URL HTTP/1.1
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP
144.76.158.184:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae

HTTP Headers

POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6.news-civuse.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://6.news-civuse.com
Content-Length: 1252
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css

193.108.118.121

200 OK

237 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
237 kB (237289 bytes)
Hash
a6c2df9c449d6f6a426720cb3a436bc1
a63dc54df9b7fa583f9ef17a9c42996f6936ad63
64bc4d3c53048b1ba04eb93ebd1463749c72da342842422401ebb5106500c139

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.19.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62031)
Size
20 kB (20174 bytes)
Hash
1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44

HTTP Headers

GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:07 GMT
age: 7654115
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/favicon.png

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
6.news-civuse.com/lands/38/favicon.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1233 bytes)
Hash
e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50

HTTP Headers

GET /lands/38/favicon.png HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/lp.js

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
7.news-civuse.com/lands/38/lp.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
Unicode text, UTF-8 text
Size
1.4 kB (1418 bytes)
Hash
8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/lp.js HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

6.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38

193.108.118.121

200 OK

10 kB

URL HTTP/2
6.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
10 kB (10050 bytes)
Hash
390e05b44103335be7b86fc447441434
55f274f6ced76532174b02cbc8cd90647688ee94
d60a76f7e87eead3f7278f31db81f98c1e3fa08518de9850b6e1e26749abdddc

HTTP Headers

GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0

144.76.158.184

429 Too Many Requests

162 B

URL HTTP/1.1
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP
144.76.158.184:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae

HTTP Headers

POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 136
Origin: https://6.news-civuse.com
Connection: keep-alive
Referer: https://6.news-civuse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4028), with no line terminators
Size
4.0 kB (4028 bytes)
Hash
64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css

193.108.118.121

200 OK

6.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (5955), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (8327), with no line terminators
Size
8.3 kB (8327 bytes)
Hash
8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png

193.108.118.121

200 OK

12 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12136 bytes)
Hash
833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png

193.108.118.121

200 OK

22 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21724 bytes)
Hash
19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css

193.108.118.121

200 OK

48 kB

URL HTTP/2
5.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
48 kB (48351 bytes)
Hash
b72dcd3af41dd86f0e6441a480e2807d
c365c9cd33e5879e1f428d384c3ca04f69290eea
cfa148562f652050db46abe78bfc537965772427fcf8e801c37f2838c765c45f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg

193.108.118.121

200 OK

17 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Size
17 kB (17350 bytes)
Hash
215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
12 kB (12525 bytes)
Hash
ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg

193.108.118.121

200 OK

11 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
11 kB (11238 bytes)
Hash
2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg

193.108.118.121

200 OK

14 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
14 kB (13505 bytes)
Hash
9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=13255
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg

193.108.118.121

200 OK

13 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
13 kB (13106 bytes)
Hash
99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=20254
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg

193.108.118.121

200 OK

16 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
16 kB (15481 bytes)
Hash
5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg

193.108.118.121

200 OK

18 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
18 kB (17978 bytes)
Hash
10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 116 x 86\012- data
Size
2.4 kB (2350 bytes)
Hash
ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=1572
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg

193.108.118.121

200 OK

9.6 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=5479
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg

193.108.118.121

200 OK

15 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Size
15 kB (14653 bytes)
Hash
bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=12678
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg

193.108.118.121

200 OK

10 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Size
10 kB (10352 bytes)
Hash
1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg

193.108.118.121

200 OK

9.9 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=17416
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg

193.108.118.121

200 OK

8.9 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=23819
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
12 kB (12127 bytes)
Hash
081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png

193.108.118.121

200 OK

20 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19948 bytes)
Hash
e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif

193.108.118.121

200 OK

15 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 64 x 64\012- data
Size
15 kB (14574 bytes)
Hash
571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=

193.108.118.121

200 OK

40 kB

URL HTTP/2
7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
40 kB (39529 bytes)
Hash
d2bf6e29d8f14d63aa33369201d9e48b
407f4415eb51f3989224744631e6735081368d97
8b102403c794d0daaa2e33f521b5d9431264915e12cd741f040cb0888a3cea85

HTTP Headers

GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:07 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg

193.108.118.121

200 OK

24 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Size
24 kB (23598 bytes)
Hash
ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1889 bytes)
Hash
ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.2 kB (1191 bytes)
Hash
1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg

193.108.118.121

200 OK

1.7 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.7 kB (1729 bytes)
Hash
3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1441 bytes)
Hash
47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1809 bytes)
Hash
f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1902 bytes)
Hash
16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg

193.108.118.121

200 OK

1.1 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Size
1.1 kB (1085 bytes)
Hash
01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
2.4 kB (2350 bytes)
Hash
ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
2.0 kB (1979 bytes)
Hash
3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg

193.108.118.121

200 OK

3.1 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
3.1 kB (3063 bytes)
Hash
cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1758 bytes)
Hash
52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1373 bytes)
Hash
a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg

193.108.118.121

200 OK

1.6 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
1.6 kB (1563 bytes)
Hash
bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1046 bytes)
Hash
96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg

193.108.118.121

200 OK

841 B

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
841 B (841 bytes)
Hash
9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2553 bytes)
Hash
950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg

193.108.118.121

200 OK

4.6 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Size
4.6 kB (4644 bytes)
Hash
0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4397 bytes)
Hash
58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg

193.108.118.121

200 OK

7.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Size
7.0 kB (6972 bytes)
Hash
2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg

193.108.118.121

200 OK

4.3 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
4.3 kB (4315 bytes)
Hash
365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Size
4.0 kB (4035 bytes)
Hash
416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg

193.108.118.121

200 OK

8.6 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg

193.108.118.121

200 OK

5.1 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
5.1 kB (5080 bytes)
Hash
72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg

193.108.118.121

200 OK

7.9 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Size
7.9 kB (7904 bytes)
Hash
5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Size
3.8 kB (3835 bytes)
Hash
6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg

193.108.118.121

200 OK

4.7 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.7 kB (4664 bytes)
Hash
12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg

193.108.118.121

200 OK

6.8 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 88 x 31\012- data
Size
1.9 kB (1882 bytes)
Hash
2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/sw.js

193.108.118.121

200 OK

4.2 kB

URL HTTP/2
7.news-civuse.com/sw.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4168)
Size
4.2 kB (4199 bytes)
Hash
569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sw.js HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css

193.108.118.121

200 OK

32 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
32 kB (32188 bytes)
Hash
e775e9d6fb489e8292ab592b55bb8e57
4a968dae9ef6c025b655ce8fa9c2f51a5058098c
435e00d163ce0c23d1ca047cc9854375d3775339d28345b366d49b1905b178f5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css

193.108.118.121

200 OK

5.3 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
5.3 kB (5283 bytes)
Hash
a5804562fb31668fa149b7b9c0620034
89494d5e286d7246d643fd1b10007e4112a2de8b
46e7b1862cfc231947c65b59a32333f08851d2469b7eca150a00833486de9410

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/index.php_files/pu.swf

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/index.php_files/pu.swf
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1953 bytes)
Hash
6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=1572
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=5479
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css

193.108.118.121

200 OK

11 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
11 kB (10722 bytes)
Hash
a0bd8fc4369589e155458ef80626040b
1bca34e4cf03de587d454580868a132b0957b873
160cca693a3e0a0a865b6c811a4a2e49983b06f3454d50bcb883e5dcc7137b48

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=17416
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css

193.108.118.121

200 OK

6.3 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
6.3 kB (6250 bytes)
Hash
4017230a30fd2de81422baf57cc42ff6
70e0ec756de5ff3e7da696aa5b187f4344793bd0
c4a26437ec996731964beb8292fea2593d775e127586b4ae54e1b974b885a1b4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg

193.108.118.121

200 OK

234 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size
234 kB (234218 bytes)
Hash
60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/favicon.png

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
7.news-civuse.com/lands/38/favicon.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1233 bytes)
Hash
e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50

HTTP Headers

GET /lands/38/favicon.png HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.19.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62031)
Size
20 kB (20174 bytes)
Hash
1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44

HTTP Headers

GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:08 GMT
age: 7654115
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/lp.js

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
8.news-civuse.com/lands/38/lp.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
Unicode text, UTF-8 text
Size
1.4 kB (1418 bytes)
Hash
8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/lp.js HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/revopush.js?v=4

193.108.118.121

200 OK

10 kB

URL HTTP/2
8.news-civuse.com/revopush.js?v=4
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (9954), with no line terminators
Size
10 kB (9954 bytes)
Hash
fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

HTTP Headers

GET /revopush.js?v=4 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4028), with no line terminators
Size
4.0 kB (4028 bytes)
Hash
64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css

193.108.118.121

200 OK

6.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (5955), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (8327), with no line terminators
Size
8.3 kB (8327 bytes)
Hash
8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css

193.108.118.121

200 OK

15 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
15 kB (15207 bytes)
Hash
21a0278f39a11a367beafc68a555e4b9
10ef4336dd44e9cf36078e2de6c6f2e48b524953
0ed9c68f2f0e31defe7e526b6430c20f31d34c307a07c3e1dec83889914a276a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png

193.108.118.121

200 OK

22 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21724 bytes)
Hash
19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg

193.108.118.121

200 OK

28 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Size
28 kB (27900 bytes)
Hash
c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg

193.108.118.121

200 OK

17 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Size
17 kB (17350 bytes)
Hash
215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=13255
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
12 kB (12525 bytes)
Hash
ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg

193.108.118.121

200 OK

11 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
11 kB (11238 bytes)
Hash
2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg

193.108.118.121

200 OK

14 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
14 kB (13505 bytes)
Hash
9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg

193.108.118.121

200 OK

13 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
13 kB (13106 bytes)
Hash
99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg

193.108.118.121

200 OK

16 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
16 kB (15481 bytes)
Hash
5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg

193.108.118.121

200 OK

18 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
18 kB (17978 bytes)
Hash
10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 116 x 86\012- data
Size
2.4 kB (2350 bytes)
Hash
ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg

193.108.118.121

200 OK

9.6 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg

193.108.118.121

200 OK

15 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Size
15 kB (14653 bytes)
Hash
bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=20254
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg

193.108.118.121

200 OK

10 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Size
10 kB (10352 bytes)
Hash
1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg

193.108.118.121

200 OK

9.9 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg

193.108.118.121

200 OK

8.9 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
12 kB (12127 bytes)
Hash
081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png

193.108.118.121

200 OK

20 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19948 bytes)
Hash
e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=1572
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif

193.108.118.121

200 OK

15 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 64 x 64\012- data
Size
15 kB (14574 bytes)
Hash
571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=5479
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

7.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38

193.108.118.121

200 OK

258 B

URL HTTP/2
7.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
258 B (258 bytes)
Hash
a6295261dc9977964e063671b7db44d4
f2d4b1b03df0886c43e50c6fc7bcb9fb81d0d9ea
03e25b1e7da06c28dc3a7e095f3f3d97300ec3f8d3e5b7946b9d495cea96611c

HTTP Headers

GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=17416
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=12678
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
3.8 kB (3829 bytes)
Hash
d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg

193.108.118.121

200 OK

24 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Size
24 kB (23598 bytes)
Hash
ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js

193.108.118.121

200 OK

16 kB

URL HTTP/2
3.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
16 kB (16064 bytes)
Hash
97e3f69c698a2621b8fd1ad063e2699c
c2b6a0b171c786701ba60ce9fb580eeead6185db
33eb36f55e6073d91995fdbebbe5f43b7dd4784fcbefb9dc7e28411cb7a5ce46

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 3.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:04 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1889 bytes)
Hash
ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1394 bytes)
Hash
609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.2 kB (1191 bytes)
Hash
1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg

193.108.118.121

200 OK

1.7 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.7 kB (1729 bytes)
Hash
3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1441 bytes)
Hash
47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:08 GMT
cache-control: max-age=23819
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842188.dop201.sk1.t,1675842188.cds232.sk1.hn,1675842188.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1809 bytes)
Hash
f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1902 bytes)
Hash
16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg

193.108.118.121

200 OK

1.1 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Size
1.1 kB (1085 bytes)
Hash
01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
2.4 kB (2350 bytes)
Hash
ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
2.0 kB (1979 bytes)
Hash
3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg

193.108.118.121

200 OK

3.1 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
3.1 kB (3063 bytes)
Hash
cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1758 bytes)
Hash
52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1373 bytes)
Hash
a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg

193.108.118.121

200 OK

1.6 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
1.6 kB (1563 bytes)
Hash
bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1046 bytes)
Hash
96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg

193.108.118.121

200 OK

841 B

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
841 B (841 bytes)
Hash
9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2553 bytes)
Hash
950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg

193.108.118.121

200 OK

4.6 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Size
4.6 kB (4644 bytes)
Hash
0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4397 bytes)
Hash
58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg

193.108.118.121

200 OK

7.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Size
7.0 kB (6972 bytes)
Hash
2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg

193.108.118.121

200 OK

4.3 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
4.3 kB (4315 bytes)
Hash
365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Size
4.0 kB (4035 bytes)
Hash
416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg

193.108.118.121

200 OK

8.6 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg

193.108.118.121

200 OK

5.1 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
5.1 kB (5080 bytes)
Hash
72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg

193.108.118.121

200 OK

7.9 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Size
7.9 kB (7904 bytes)
Hash
5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Size
3.8 kB (3835 bytes)
Hash
6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg

193.108.118.121

200 OK

4.7 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.7 kB (4664 bytes)
Hash
12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg

193.108.118.121

200 OK

6.8 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 88 x 31\012- data
Size
1.9 kB (1882 bytes)
Hash
2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css

193.108.118.121

200 OK

13 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
13 kB (13368 bytes)
Hash
cbf24afd88ae740f7af2d1fc54951d5a
92549eac63c65aa59e87592ee546158249ab3e82
ede287d5f255c962af499a77f1a2a6d6f37c0600f59190fe52b816b922a1ef64

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css

193.108.118.121

200 OK

34 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
34 kB (34132 bytes)
Hash
dc210e8ff9fbe14f7c12066e2070a896
71c6193625e64429d227e24914a0de43e0844f18
71e31e8461c1247ae841a4fbcdbe8679c8a460bbb2e565d39fed8764a39aaa51

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=13254
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css

193.108.118.121

200 OK

11 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
11 kB (10722 bytes)
Hash
a0bd8fc4369589e155458ef80626040b
1bca34e4cf03de587d454580868a132b0957b873
160cca693a3e0a0a865b6c811a4a2e49983b06f3454d50bcb883e5dcc7137b48

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=1571
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
9.3 kB (9321 bytes)
Hash
beb5e259cd401279b30df2a10854795e
af40735affa5d2e3ef823a96c2c8a739df83e2ca
2786723a35d418ebe071068c71c7a85c10d47ea7157a95e6a2de41ecb02127d7

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=12677
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css

193.108.118.121

200 OK

5.3 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
5.3 kB (5283 bytes)
Hash
a5804562fb31668fa149b7b9c0620034
89494d5e286d7246d643fd1b10007e4112a2de8b
46e7b1862cfc231947c65b59a32333f08851d2469b7eca150a00833486de9410

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js

193.108.118.121

200 OK

15 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
15 kB (15186 bytes)
Hash
47018d77ac880c943294621a3afbc8cb
80782444b7072461ad62a80c42b9359b84f740d0
74875aac38e0edf501ee44c6bb21ac09b6f552a5d9e70c605a8199e9cd30d4b9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg

193.108.118.121

200 OK

234 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size
234 kB (234218 bytes)
Hash
60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/favicon.png

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
8.news-civuse.com/lands/38/favicon.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1233 bytes)
Hash
e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50

HTTP Headers

GET /lands/38/favicon.png HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.19.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62031)
Size
20 kB (20174 bytes)
Hash
1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44

HTTP Headers

GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:09 GMT
age: 7654116
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/lp.js

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
9.news-civuse.com/lands/38/lp.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
Unicode text, UTF-8 text
Size
1.4 kB (1418 bytes)
Hash
8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/lp.js HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/revopush.js?v=4

193.108.118.121

200 OK

10 kB

URL HTTP/2
9.news-civuse.com/revopush.js?v=4
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (9954), with no line terminators
Size
10 kB (9954 bytes)
Hash
fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

HTTP Headers

GET /revopush.js?v=4 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4028), with no line terminators
Size
4.0 kB (4028 bytes)
Hash
64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

8.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38

193.108.118.121

200 OK

36 kB

URL HTTP/2
8.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
36 kB (35957 bytes)
Hash
1389e18ee7010f86f009837b2d777e09
3a028d6570d234bc89f5780ea63b69ebff315cd9
9f0c0c668623b25996b951a4a15ed8f400fb748b5785c53dc89719f30af30928

HTTP Headers

GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css

193.108.118.121

200 OK

6.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (5955), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (8327), with no line terminators
Size
8.3 kB (8327 bytes)
Hash
8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png

193.108.118.121

200 OK

12 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12136 bytes)
Hash
833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png

193.108.118.121

200 OK

22 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21724 bytes)
Hash
19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg

193.108.118.121

200 OK

28 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Size
28 kB (27900 bytes)
Hash
c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg

193.108.118.121

200 OK

17 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Size
17 kB (17350 bytes)
Hash
215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
12 kB (12525 bytes)
Hash
ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg

193.108.118.121

200 OK

11 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
11 kB (11238 bytes)
Hash
2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg

193.108.118.121

200 OK

14 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
14 kB (13505 bytes)
Hash
9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg

193.108.118.121

200 OK

13 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
13 kB (13106 bytes)
Hash
99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg

193.108.118.121

200 OK

16 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
16 kB (15481 bytes)
Hash
5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg

193.108.118.121

200 OK

18 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
18 kB (17978 bytes)
Hash
10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 116 x 86\012- data
Size
2.4 kB (2350 bytes)
Hash
ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg

193.108.118.121

200 OK

9.6 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg

193.108.118.121

200 OK

15 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Size
15 kB (14653 bytes)
Hash
bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg

193.108.118.121

200 OK

10 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Size
10 kB (10352 bytes)
Hash
1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=13254
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg

193.108.118.121

200 OK

9.9 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=20253
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg

193.108.118.121

200 OK

8.9 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=1571
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png

193.108.118.121

200 OK

20 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19948 bytes)
Hash
e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif

193.108.118.121

200 OK

15 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 64 x 64\012- data
Size
15 kB (14574 bytes)
Hash
571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
3.8 kB (3829 bytes)
Hash
d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=5478
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg

193.108.118.121

200 OK

24 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Size
24 kB (23598 bytes)
Hash
ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=12677
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=17415
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1889 bytes)
Hash
ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1394 bytes)
Hash
609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:09 GMT
cache-control: max-age=23818
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842189.dop201.sk1.t,1675842189.cds232.sk1.hn,1675842189.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.2 kB (1191 bytes)
Hash
1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg

193.108.118.121

200 OK

1.7 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.7 kB (1729 bytes)
Hash
3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1441 bytes)
Hash
47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1809 bytes)
Hash
f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1902 bytes)
Hash
16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg

193.108.118.121

200 OK

1.1 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Size
1.1 kB (1085 bytes)
Hash
01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
2.4 kB (2350 bytes)
Hash
ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
2.0 kB (1979 bytes)
Hash
3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg

193.108.118.121

200 OK

3.1 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
3.1 kB (3063 bytes)
Hash
cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1758 bytes)
Hash
52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1373 bytes)
Hash
a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg

193.108.118.121

200 OK

1.6 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
1.6 kB (1563 bytes)
Hash
bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1046 bytes)
Hash
96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/jquery-3.2.1.min.js

193.108.118.121

200 OK

31 kB

URL HTTP/2
9.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
31 kB (31065 bytes)
Hash
ae2c9d3ebdf6b1276f99509ceb9f1758
e4de1c6f990c9d623f3b92b90a1c48325b9d696e
c0662248ec8560947f68f82b9f0c9b816c6478bdffedcce24c7432998d049351

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg

193.108.118.121

200 OK

841 B

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
841 B (841 bytes)
Hash
9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css

193.108.118.121

200 OK

12 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
12 kB (11722 bytes)
Hash
d999d1918e992b4e70345e061799eeb2
5b13608fc724d4941a9a534ba3b0e50a3e63f4f9
4b7bf3891bd33ef6e0b6b80074e52b103eb41301e3d6d804b2c3955191eeb53f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg

193.108.118.121

200 OK

4.6 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Size
4.6 kB (4644 bytes)
Hash
0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4397 bytes)
Hash
58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg

193.108.118.121

200 OK

7.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Size
7.0 kB (6972 bytes)
Hash
2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg

193.108.118.121

200 OK

4.3 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
4.3 kB (4315 bytes)
Hash
365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css

193.108.118.121

200 OK

36 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
36 kB (36214 bytes)
Hash
67e100b50e9cef8f1bf97101c45da758
416e3f3920a660d1ec6ca544b230dc58e1a44baf
4e49c9d2dc35c9cec36e24f574a5d8922d47a23cd02d91664edfd24c8dbf621b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg

193.108.118.121

200 OK

8.6 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css

193.108.118.121

200 OK

10 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
10 kB (10354 bytes)
Hash
fdbb28babe20c643a6ace02b061f1a41
f1003601b4d333a116f2c588ed5ed9ab6c27d4dc
974ea8d2604861658fae0c360a3906a282698afef1ffcc66ae36aee8a9f129e8

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg

193.108.118.121

200 OK

7.9 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Size
7.9 kB (7904 bytes)
Hash
5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Size
3.8 kB (3835 bytes)
Hash
6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg

193.108.118.121

200 OK

4.7 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.7 kB (4664 bytes)
Hash
12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg

193.108.118.121

200 OK

6.8 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css

193.108.118.121

200 OK

13 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
13 kB (12595 bytes)
Hash
7efcc3076a615ca5632f9ec7715afee0
85ecf3ced5acfff9ec04f2ea650284bf1aab91c4
a4512568479f5afd9723fe25b1795ee1b17ec8274e9b3bd4d076d0f4353fdf0f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

9.news-civuse.com/sw.js

193.108.118.121

200 OK

4.2 kB

URL HTTP/2
9.news-civuse.com/sw.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4168)
Size
4.2 kB (4199 bytes)
Hash
569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sw.js HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/index.php_files/pu.swf

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/index.php_files/pu.swf
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1953 bytes)
Hash
6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=13253
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=20252
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js

193.108.118.121

200 OK

15 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
15 kB (15186 bytes)
Hash
47018d77ac880c943294621a3afbc8cb
80782444b7072461ad62a80c42b9359b84f740d0
74875aac38e0edf501ee44c6bb21ac09b6f552a5d9e70c605a8199e9cd30d4b9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=12676
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=5477
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=17414
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=23817
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css

193.108.118.121

200 OK

8.2 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
8.2 kB (8220 bytes)
Hash
09a3857817c56da56ca915546555bb33
4eef039030de077e7e63d2894f7d0951b1e137c8
44b605c2a3dcc7994d49fb945c6731ed8f03fc7154ab70f7c805c5b6e810e07f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg

193.108.118.121

200 OK

234 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size
234 kB (234218 bytes)
Hash
60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1979 bytes)
Hash
613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.0 kB (1995 bytes)
Hash
787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

browser.sentry-cdn.com/7.19.0/bundle.es5.min.js

151.101.66.217

200 OK

20 kB

URL HTTP/2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP
151.101.66.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (62031)
Size
20 kB (20174 bytes)
Hash
1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44

HTTP Headers

GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:43:10 GMT
age: 7654117
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/favicon.png

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
9.news-civuse.com/lands/38/favicon.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1233 bytes)
Hash
e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50

HTTP Headers

GET /lands/38/favicon.png HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0

144.76.158.184

429 Too Many Requests

162 B

URL HTTP/1.1
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP
144.76.158.184:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae

HTTP Headers

POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9.news-civuse.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://9.news-civuse.com
Content-Length: 1018
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 07:43:10 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

9.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38

193.108.118.121

200 OK

37 kB

URL HTTP/2
9.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
37 kB (37214 bytes)
Hash
73ead9d15baab4d54bba1af0d48c486f
2e1005f32d12772d9a315ee7b5fa1b67244da31a
dec378f894f858ef2305bfa2b06028f6fb3b722df02b4e4e9e94a01bd4075bfc

HTTP Headers

GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

5.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38

193.108.118.121

200 OK

12 kB

URL HTTP/2
5.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
12 kB (11773 bytes)
Hash
53d1a841eca70093cb11ee7c5821d5c1
9c0cb5aa359a8dbce7952a5db2d232b8f588a5d9
89233c76cf4f27e8b569986fb540aa4f06dadf7df20c7f78364f0b79e416caf3

HTTP Headers

GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

10.news-civuse.com/revopush.js?v=4

193.108.118.121

200 OK

10 kB

URL HTTP/2
10.news-civuse.com/revopush.js?v=4
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (9954), with no line terminators
Size
10 kB (9954 bytes)
Hash
fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /revopush.js?v=4 HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4028), with no line terminators
Size
4.0 kB (4028 bytes)
Hash
64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css

193.108.118.121

200 OK

6.0 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (5955), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (8327), with no line terminators
Size
8.3 kB (8327 bytes)
Hash
8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (1391), with no line terminators
Size
1.4 kB (1391 bytes)
Hash
677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png

193.108.118.121

200 OK

12 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12136 bytes)
Hash
833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png

193.108.118.121

200 OK

22 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21724 bytes)
Hash
19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css

193.108.118.121

200 OK

31 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
31 kB (30971 bytes)
Hash
ea5dd7abd54160387899eba1a303d94f
01aa6d38df0061fce4e1625dcebda6afd05f0bd2
cf226a054555062f872db026ee807893a359583b4d968d3f8a8ea27163039e84

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg

193.108.118.121

200 OK

17 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Size
17 kB (17350 bytes)
Hash
215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
12 kB (12525 bytes)
Hash
ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg

193.108.118.121

200 OK

11 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
11 kB (11238 bytes)
Hash
2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg

193.108.118.121

200 OK

14 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
14 kB (13505 bytes)
Hash
9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=13253
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg

193.108.118.121

200 OK

13 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Size
13 kB (13106 bytes)
Hash
99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=20252
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg

193.108.118.121

200 OK

16 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
16 kB (15481 bytes)
Hash
5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg

193.108.118.121

200 OK

18 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Size
18 kB (17978 bytes)
Hash
10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 116 x 86\012- data
Size
2.4 kB (2350 bytes)
Hash
ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9007 bytes)
Hash
58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg

193.108.118.121

200 OK

9.6 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Size
9.6 kB (9565 bytes)
Hash
8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=1570
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg

193.108.118.121

200 OK

15 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Size
15 kB (14653 bytes)
Hash
bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=5477
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg

193.108.118.121

200 OK

10 kB

URL HTTP/2
9.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Size
10 kB (10352 bytes)
Hash
1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 9.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:09 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=12676
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg

193.108.118.121

200 OK

9.0 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
9.0 kB (9032 bytes)
Hash
6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg

193.108.118.121

200 OK

8.3 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg

193.108.118.121

200 OK

9.3 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Size
9.3 kB (9338 bytes)
Hash
5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg

193.108.118.121

200 OK

9.9 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=17414
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg

193.108.118.121

200 OK

8.9 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg

205.185.208.60

403 Forbidden

9 B

URL HTTP/2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP
205.185.208.60:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 08 Feb 2023 07:43:10 GMT
cache-control: max-age=23817
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1675842190.dop201.sk1.t,1675842190.cds232.sk1.hn,1675842190.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg

193.108.118.121

200 OK

12 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Size
12 kB (12127 bytes)
Hash
081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png

193.108.118.121

200 OK

20 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19948 bytes)
Hash
e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif

193.108.118.121

200 OK

15 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 64 x 64\012- data
Size
15 kB (14574 bytes)
Hash
571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size
3.8 kB (3829 bytes)
Hash
d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg

193.108.118.121

200 OK

24 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Size
24 kB (23598 bytes)
Hash
ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.9 kB (1889 bytes)
Hash
ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1394 bytes)
Hash
609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2646 bytes)
Hash
677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg

193.108.118.121

200 OK

1.2 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.2 kB (1191 bytes)
Hash
1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/jquery-3.2.1.min.js

193.108.118.121

200 OK

32 kB

URL HTTP/2
10.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
32 kB (31907 bytes)
Hash
4eb824693667354b514e10c36ab9549a
ea472e8a8e32c825d4e967706f91e8e7a7e0ca7e
52bcfacb61d97039d0dd129cf573532fe0bceff844e16dde4a81069cef590c06

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css

193.108.118.121

200 OK

11 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
11 kB (10610 bytes)
Hash
e4ac18000f1e664300a8c7ce5cb778d6
7dc0903b874870d367359a6466da31bd94f889c6
768501027582d0270c4abab9bec335ea96d46a30b478cc4c4fa03a8450f18147

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1809 bytes)
Hash
f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js

193.108.118.121

200 OK

49 kB

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
data
Size
49 kB (49258 bytes)
Hash
2057de9ff4620865fb22698edcc967e7
6129c41384908aa8dc3a9885ee07794a905b2e61
6006f5fd26bbd6566b3413d506f17c60be5714dd05995bd8a6d6c37bcf898d22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg

193.108.118.121

200 OK

1.1 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Size
1.1 kB (1085 bytes)
Hash
01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg

193.108.118.121

200 OK

2.4 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
2.4 kB (2350 bytes)
Hash
ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg

193.108.118.121

200 OK

2.0 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
2.0 kB (1979 bytes)
Hash
3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg

193.108.118.121

200 OK

3.1 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Size
3.1 kB (3063 bytes)
Hash
cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg

193.108.118.121

200 OK

1.8 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
1.8 kB (1758 bytes)
Hash
52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg

193.108.118.121

200 OK

1.4 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Size
1.4 kB (1373 bytes)
Hash
a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg

193.108.118.121

200 OK

1.6 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Size
1.6 kB (1563 bytes)
Hash
bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png

193.108.118.121

200 OK

1.0 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1046 bytes)
Hash
96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg

193.108.118.121

200 OK

887 B

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
887 B (887 bytes)
Hash
7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg

193.108.118.121

200 OK

841 B

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Size
841 B (841 bytes)
Hash
9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg

193.108.118.121

200 OK

2.6 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Size
2.6 kB (2553 bytes)
Hash
950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg

193.108.118.121

200 OK

4.6 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Size
4.6 kB (4644 bytes)
Hash
0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4397 bytes)
Hash
58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg

193.108.118.121

200 OK

7.0 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Size
7.0 kB (6972 bytes)
Hash
2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg

193.108.118.121

200 OK

4.3 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
4.3 kB (4315 bytes)
Hash
365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg

193.108.118.121

200 OK

4.0 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Size
4.0 kB (4035 bytes)
Hash
416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg

193.108.118.121

200 OK

8.6 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Size
8.6 kB (8615 bytes)
Hash
55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg

193.108.118.121

200 OK

5.1 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Size
5.1 kB (5080 bytes)
Hash
72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg

193.108.118.121

200 OK

4.4 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg

193.108.118.121

200 OK

7.9 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Size
7.9 kB (7904 bytes)
Hash
5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg

193.108.118.121

200 OK

3.8 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Size
3.8 kB (3835 bytes)
Hash
6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/tds.php?sid=8051799&p1=&domain=news-civuse.com&p2=s8hnpa6u30i6&p3=

193.108.118.121

302 Found

4.7 kB

URL HTTP/2
news-civuse.com/tds.php?sid=8051799&p1=&domain=news-civuse.com&p2=s8hnpa6u30i6&p3=
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Size
4.7 kB (4664 bytes)
Hash
12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344

HTTP Headers

GET /tds.php?sid=8051799&p1=&domain=news-civuse.com&p2=s8hnpa6u30i6&p3= HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/html; charset=UTF-8
location: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
cache-control: no-cache, must-revalidate
pragma: no-cache
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg

193.108.118.121

200 OK

6.8 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif

193.108.118.121

200 OK

1.9 kB

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
GIF image data, version 89a, 88 x 31\012- data
Size
1.9 kB (1882 bytes)
Hash
2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F566ad678-65a7-4c74-8467-5fa73f0c1e16.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9731 bytes)
Hash
bc4af7bd5bdcf67a4bac63e22b5d7ce8
5c457bf5021e9336d8582eed9e84e5279e08547c
0dac79971019d06657a1948f1cedaca02b3f9eca1eae52026ad9bdd0e4137b35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F566ad678-65a7-4c74-8467-5fa73f0c1e16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9731
x-amzn-requestid: 297af487-e8cf-4d0a-a30b-337cf1630f71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_RImGLjoAMFnDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c89d-3c4f6fa521885bd45e943d3b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:54:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QgszcGhVatkK5TB5DXK4WVXz6OtG00uMKZ50sRGuoDom0MSVrrtbkw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:59:21 GMT
etag: "5c457bf5021e9336d8582eed9e84e5279e08547c"
content-type: image/jpeg
age: 35029
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

10.news-civuse.com/sw.js

193.108.118.121

200 OK

4.2 kB

URL HTTP/2
10.news-civuse.com/sw.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (4168)
Size
4.2 kB (4199 bytes)
Hash
569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sw.js HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:02 GMT
etag: "63886646-1067"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js

193.108.118.121

200 OK

0 B

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css

193.108.118.121

200 OK

0 B

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=

193.108.118.121

200 OK

0 B

URL HTTP/2
news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:02 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css

193.108.118.121

200 OK

0 B

URL HTTP/2
6.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css

193.108.118.121

200 OK

0 B

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

1.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38

193.108.118.121

200 OK

0 B

URL HTTP/2
1.news-civuse.com/traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /traffback.php?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=&land=38 HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Connection: keep-alive
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css

193.108.118.121

200 OK

0 B

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/jquery-3.2.1.min.js

193.108.118.121

200 OK

0 B

URL HTTP/2
7.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css

193.108.118.121

200 OK

0 B

URL HTTP/2
7.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 7.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

8.news-civuse.com/lands/38/jquery-3.2.1.min.js

193.108.118.121

200 OK

0 B

URL HTTP/2
8.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 8.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:08 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400&subset=latin,latin-ext

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400&subset=latin,latin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300,400&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 07:43:02 GMT
date: Wed, 08 Feb 2023 07:43:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=

193.108.118.121

200 OK

0 B

URL HTTP/2
6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:06 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2

5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=

193.108.118.121

200 OK

0 B

URL HTTP/2
5.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 5.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:06 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:06 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css

193.108.118.121

200 OK

0 B

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css

193.108.118.121

200 OK

0 B

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css

193.108.118.121

200 OK

0 B

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css

193.108.118.121

200 OK

0 B

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=

193.108.118.121

200 OK

0 B

URL HTTP/2
1.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4= HTTP/1.1
Host: 1.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:03 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8; expires=Wed, 08-Feb-2023 08:43:03 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2

evweinviw.com/WPMM8BgZ

172.67.154.226

302 Found

0 B

URL HTTP/2
evweinviw.com/WPMM8BgZ
IP
172.67.154.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /WPMM8BgZ HTTP/1.1
Host: evweinviw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/html; charset=UTF-8
location: https://news-civuse.com/tds.php?sid=8051799&p1=&domain=news-civuse.com&p2=s8hnpa6u30i6&p3=
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Wed, 08 Feb 2023 07:43:02 GMT
pragma: no-cache
set-cookie: _subid=s8hnpa6u30i6;Expires=Saturday, 11-Mar-2023 07:43:02 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpa6u30i6_s8hnpa6u30i663e3528607a604.87180578;Expires=Saturday, 11-Mar-2023 07:43:02 GMT;Max-Age=2678400;Path=/
26a99=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI2NFwiOjE2NzU4NDIxODJ9LFwiY2FtcGFpZ25zXCI6e1wiMTUyXCI6MTY3NTg0MjE4Mn0sXCJ0aW1lXCI6MTY3NTg0MjE4Mn0ifQ.62Samd4fw5oRR2iPLiDa9yrQte2H9Wu6fzZrflakwXc;Expires=Wednesday, 18-Mar-2076 15:26:04 GMT;Max-Age=1675928582;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mee9%2F3uwDtqtJp4UTOQ73XpW16NibUEQ3LUkSVC%2FBGuWeKthnYv0R3KsS9WaiKs7MZXQaQnBdddjFfacJdPvwEzn9BLjvZdgfd9VzwPNNnU0rVJAiPypAri3g%2Fl7kNnY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7962bb653e94b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js

193.108.118.121

200 OK

0 B

URL HTTP/2
10.news-civuse.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 10.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:10 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

6.news-civuse.com/lands/38/jquery-3.2.1.min.js

193.108.118.121

200 OK

0 B

URL HTTP/2
6.news-civuse.com/lands/38/jquery-3.2.1.min.js
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 6.news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:07 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css

193.108.118.121

200 OK

0 B

URL HTTP/2
news-civuse.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP
193.108.118.121:0
ASN
#61003 GlobalTeleHost Corp.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: news-civuse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-civuse.com/lands/38/?site=8051799&sub1=&sub2=s8hnpa6u30i6&sub3=&sub4=
Cookie: clickdata=ODA1MTc5OXw6fDM4fDp8fDp8czhobnBhNnUzMGk2fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:43:02 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL