| rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=51 | 188.114.97.1 | 301 Moved Permanently | 167 B |
URL: rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=51 (User Request, GET, HTTP/2)
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /PageCMS/NewsLetter_Click.aspx?edmID=51 HTTP/1.1
Host: rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 26 Apr 2024 20:54:17 GMT
content-type: text/html
content-length: 167
location: https://www.rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=51
cache-control: max-age=3600
expires: Fri, 26 Apr 2024 21:54:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3Jg3IVZnl197HMoIkUqq0KDZBizH0EH3REPIzeYq57RTaejrZoLTE%2FU52Gku%2BEilfkcHYTK0WhsbERUwrVqBmC292WdxnRZ%2BsFU0vaEWE6e7V0mXp873QPckoNoB2Sw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a9779a1de75688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js | 104.17.25.14 | 200 OK | 36 kB |
URL: cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js (GET, HTTP/2)
IP: 104.17.25.14:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65278)
Hash: 1aba3b60641d8dc579dca329a28d74d8 1a54fa817a49108dfdf2e75ce2ae507f007ac2bd 6942f0873b6a7108e18a983b4192ad469011a8131317f88161d6f0917058da22
GET /ajax/libs/Swiper/11.0.5/swiper-bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 35885
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "655ecea0-8c2d"
last-modified: Thu, 23 Nov 2023 04:01:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 265008
expires: Wed, 16 Apr 2025 20:54:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BUqXkzqDRUY3oJs0fnIKZJndSRAqyIV9te0WGaQHU7%2BKzjrbZpW4opU2ghd4z29jDclGNMIbRfaL01BycchoQxwedpnZnCImn27mBCS2xdFJzVZMWLdkWrwAjJPkiOG9juRnwQiS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a977a21ef256b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.css | 104.17.25.14 | 200 OK | 4.6 kB |
URL: cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.css (GET, HTTP/2)
IP: 104.17.25.14:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (2240)
Hash: dedb655afa22e72add3bc9f46bdbed8c da69cab8478bbc98bd3f8cd3a75b8ca99ea2ff31 587a037b9ee024fa8e83e1a90c05cc0dcc4359c47a93173ea657f25d0480129c
GET /ajax/libs/Swiper/11.0.5/swiper-bundle.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css; charset=utf-8
content-length: 4646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "655ecea0-1226"
last-modified: Thu, 23 Nov 2023 04:01:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3689744
expires: Wed, 16 Apr 2025 20:54:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfgHG7qUs5su0uK4IJVsTG80fRo6BdLua1c0nPvirvlumNqjw71lTu6CFtnSQYzEScNZ9QYNyfsuxiMwcJSXxdb3TTrbKuz14TnjVzwWCffOJL3MYFM0teGLU3wlEaVfSA3MQz7U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a977a22f1556b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=AW-11401501348 | 142.250.74.168 | 200 OK | 89 kB |
URL: www.googletagmanager.com/gtag/js?id=AW-11401501348 (GET, HTTP/2)
IP: 142.250.74.168:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 15a36d212eee97c084ab8b047ece28b3 73c685fe14afed5c57e4601e0e572b9b9e5ea9c5 4b4749361e10327baba3a187f1bfe1666f24a52e32b925799d717f726e94463f
GET /gtag/js?id=AW-11401501348 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:54:19 GMT
expires: Fri, 26 Apr 2024 20:54:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88706
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/images/RoseQuake.png | 188.114.97.1 | 200 OK | 114 kB |
URL: www.rosequake.com/images/RoseQuake.png (GET, HTTP/3)
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: PNG image data, 540 x 410, 8-bit/color RGBA, non-interlaced
Size: 114 kB (113985 bytes)
Hash: b997cd9eaa87e5814d06814c9b8dff7a 20769ae44e304fde943d84b3cbc8c6137630a6ec 75a534c6e3aacab57d49bc39fe6abc0f96b6e71461da7c9337e7d9b49967d916
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/RoseQuake.png HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/png
content-length: 113985
last-modified: Sat, 07 Oct 2023 23:46:41 GMT
etag: "b2b35f8578f9d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbQmmKb7nGfQQf%2FuOkGCQYh5pcy2FGOhfAGcb0GfMtddHGOByeORkhbrpn8%2BjN2BdVspUnLQWkbd%2FwEo71kuKJQL7xfzBvfwTVkxK%2FmHmzSC%2FyUxKHqb2Pmsyl5tbc0c4rbl9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a25c7856c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z | 142.250.74.168 | 200 OK | 101 kB |
URL: www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z (GET, HTTP/2)
IP: 142.250.74.168:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (5945)
Size: 101 kB (100603 bytes)
Hash: 4f1573190eee44ce2a4e19acc13ca6c8 073c9ed3a0058f243519e4467aece6b24bf67db0 7a388470baf729c054a163620c70f6e5c48437786f492a4b7468b2678d49c5fa
GET /gtag/js?id=G-B1QS3P765Z HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:54:19 GMT
expires: Fri, 26 Apr 2024 20:54:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/images/banner/ForHim.jpg | 188.114.97.1 | 200 OK | 16 kB |
URL: www.rosequake.com/images/banner/ForHim.jpg (GET, HTTP/3)
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JPEG image data, progressive, precision 8, 250x370, components 3
Hash: 0bcb0688e586ccd6e854a96e1a6d3735 fab6cdd1c8a300cca54be5949e81be0f7a8d1240 ec731030ef100326fa916f2d77806ff11285cd9568ae227c160b207709ff5f4e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/banner/ForHim.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/jpeg
content-length: 16225
last-modified: Wed, 06 Dec 2023 18:13:34 GMT
etag: "b6d238ed6f28da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFzaDzrX1cEm8W%2Bl1n%2F%2BK2SJU%2FcR6MLS11boa866hhtx0ON6n%2BwfkdHz46zOQFEbAtpfSVlN3UJ3TqzLJg2eTVp%2B6V7kgqkQ6MUmA8MxLHdv957E5KSY6WOktdEjZGJCkjs7Og%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a26c8256c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/banner/Couple.jpg | 188.114.97.1 | 200 OK | 16 kB |
URL: www.rosequake.com/images/banner/Couple.jpg (GET, HTTP/3)
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JPEG image data, progressive, precision 8, 250x370, components 3
Hash: ec033fa43120a42803c965454f25ddea 6d4779f8b929123af1a8984271093b3c3e43a091 f4de491f8f691d2554bbbfb1aa7fd479aa50fdcb133486889cfe4776f57e54df
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/banner/Couple.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/jpeg
content-length: 16499
last-modified: Wed, 06 Dec 2023 18:14:19 GMT
etag: "6e7f1387028da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZ7jTgwNNgNo0hwJb%2F%2F1bi6b4uzKgrEJqnAzt4beCrrPP9vvu%2BEIKVTzG%2B8SRMJM7lEIw3Kg%2FRbk6ZoNCYiYSRgH%2Fos71BmYPRHeIS9WpyPw3NG63GF0H4AtwZuNBgUQxyxnTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a31d5756c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/jquery.cookie/jquery.cookie.min.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 17 kB |
URL: www.rosequake.com/static/lib/jquery.cookie/jquery.cookie.min.js?v=cac22025232-20240427 (GET, HTTP/3)
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (406), with CRLF line terminators
Hash: c2eb525e61d576ee386ba1adfaf736a7 db0ace78f4a6a2591545eeacb92c02d2022846d3 ab1ee99f22f107c9ae1559c920a1b7fe6cf89ec0c355a27be23669f688bf0350
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/jquery.cookie/jquery.cookie.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:42 GMT
etag: W/"0858e306db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hT5UeaEH4LZWSSiVjVg8YdcMGOqLY2E1PWTpWc5DUUsfGbiVHTHh%2FMl4MR%2BtQ%2Fm3pjNseXQt0AiwIE9hKRYdGV17opFPtsCaqlgXYx3TMLl672cO8cslYwIyeHsJvOYHIp7F2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b7256c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/bootstrap/bootstrap.min.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 52 kB |
URL: www.rosequake.com/static/lib/bootstrap/bootstrap.min.css?v=cac22025232-20240427 (GET, HTTP/3)
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: Unicode text, UTF-8 text, with very long lines (65302), with CRLF line terminators
Hash: c4d1ceed37c00ce45e73ad3eff7b3b11 8b02ab01b53a5cac0461a2fe0c0737e88691f5a5 096047f56d97ec5b954f7488aed28f752fb2b71edd8808e28ab1a5f2fe68b3d9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/bootstrap/bootstrap.min.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:20 GMT
etag: W/"09671236db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eEz4So2pfFfLfVhjJ0JdHJ0Lz3Cc1oRqUwDzp5GmQ4bFLGXVEQ%2BCQBUhijIhss5VUQLrfKv8YU3czWsd6UZFe%2B673scKpUs7OY%2F6KUye53wTnIPhKxA0fwgPFR5Ks%2Fa8wed6DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a15b0b56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=51 | 188.114.97.1 | 302 Found | 16 kB |
URL: www.rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=51 (User Request, GET, HTTP/3)
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: bb9cb59d372b768700d6382d7ec8a36a 100ef9ddfef760b01202ed652a0791637d94406d 3aeb6f04d83f8597a7f4d9b61b9ba18be225b0f242598e46907de741a86a54f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /PageCMS/NewsLetter_Click.aspx?edmID=51 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 20:54:18 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: /
set-cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0pcmXoCQa%2FEE5bEZhADi6AXtYFudSG%2FvAtLeY31ayMVzGVyjYWF%2F0oERtDkVg01EESePBXyomdM%2BD2iUGjJsYV2L6IpNU9f2C3qShr9%2B2U83oaX1N0iHAGflh923aO3l7KMnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a9779a8bc156c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/theme.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 0 B |
URL: www.rosequake.com/theme.js?v=cac22025232-20240427 (GET, HTTP/3)
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/x-javascript
content-length: 0
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vslo4jzhEoDUXFzurldm8CAuQlt6cXdSJWzDEOhF33zdttxPzdAodHYp99pKFpgSTwACPyidd2yC3tf%2BnjwrPje5LGJWjv1tx3ZPfUlPdcdX%2FL3BJXOQavvvCepEdqZNDE%2FWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a24c6956c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/8934b67cc260820841e7be002b01cd49_600x.png | 104.19.235.103 | 200 OK | 74 kB |
URL: img.staticdj.com/8934b67cc260820841e7be002b01cd49_600x.png (GET, HTTP/2)
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: c7570af852efb7133595f308a6872439 af2ce68b2810dd3cf0a23353dbc9eb98590e548b aea29da31a42756938af836c3b07607b8c0312d954c29d8408c6fa4b6047f747
GET /8934b67cc260820841e7be002b01cd49_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 73656
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=148581
content-disposition: inline; filename="8934b67cc260820841e7be002b01cd49_600x.webp"
expires: Wed, 03 Apr 2024 19:59:54 GMT
request-id: 125d14c5-15d3-4843-b8c2-4b0325a3f4e5
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 125d14c5-15d3-4843-b8c2-4b0325a3f4e5
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Apr 2024 18:59:54 GMT
cf-cache-status: HIT
age: 1328494
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0DVQVlLI6tkqBUVTjwxV8vtxwYI2%2BtNdGNyuaAZ1Nu6ueSKsYkyjz0yLyDL7WkvOnY0RXoeYrN%2F%2BEghp94qEOTc%2BO1pn8kA2z3ImY8W%2BEgGCQQq1es3R0Nfq2H%2FJtaZMoC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=18.999815
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4486bb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/83044eeea07045d893abc99643a74f88_600x.gif | 104.19.235.103 | 200 OK | 163 kB |
URL: img.staticdj.com/83044eeea07045d893abc99643a74f88_600x.gif (GET, HTTP/2)
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 163 kB (162852 bytes)
Hash: 83044eeea07045d893abc99643a74f88 fec1a9e1c4cd5099082aeab137b5197134bb1a05 8f9054814ffaaa62d81e5b5b753f8c4f9865caec4abf2f4885d064d9e6a4ee3e
GET /83044eeea07045d893abc99643a74f88_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/gif
content-length: 162852
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: status=format_not_supported
request-id: bd8a0901-e1a5-443a-9b2a-fe883e19e11a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Jan 2024 13:20:41 GMT
cf-cache-status: HIT
age: 4958775
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZmlDQ7PmLy1QUqhVKpfF1P8xIOmkLVf6iTMfhNXwSuC2D1OUx3x6pJMzYk4mKdlNya8Vz1Ys047H67dNwI4whl4Cv49NUu7%2FYcjTGO6pa4k2f5GyRkPDE6HrxhHsJXnZC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=20.999908
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4486db4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/lib/slick-carouse/slick.min.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 18 kB |
URL: www.rosequake.com/static/lib/slick-carouse/slick.min.css?v=cac22025232-20240427 (GET, HTTP/3)
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with CRLF line terminators
Hash: cbd721a56cee571b7894b4432b1644ff 64b55d078a6ff3ac9d916ab31017b22ad4cae4cc 051c156fd95c71e48fb3d4c69a131617be06758a4302f4d63f259ab32ced32ea
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/slick-carouse/slick.min.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=feblZAufEAe3IJs4OCUJjpoI2fATmuDgHq7WUT95c8jmVp64AoA6NKJNrdEaV6l6p0TOm6ZalbOpSjJDHqh7%2Fz9wGY8BNek51AzIR9t7a8GHDdS%2BPDooTLTl4ERBLQgAl%2FZZrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a16b1c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/fancybox/fancybox.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 169 kB |
URL: www.rosequake.com/static/lib/fancybox/fancybox.css?v=cac22025232-20240427 (GET, HTTP/3)
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (474), with CRLF line terminators
Size: 169 kB (168878 bytes)
Hash: 8934fc2cc6952be05b710c87d7476178 f305054afdaf4c1df87f57a53724754cd0bc052f 1a9d522b9594ba76d8def2c0e4a6d26b6497cbce380c7ac87b51dd5548153c98
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/fancybox/fancybox.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lSf0ahOO5z6ICBBU57wGtHv%2Bz4o93hqIhbQWBP8PHQsbNYdDOFFD%2B0rjZLARjplLLMhfdnBld%2BtV3F2RaeT2k%2FQX4ypD5NpTQc2BBYVV1FV2sQPOVwT2FY%2FjZ3EIZK%2FOFZyVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a18b5256c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 68 kB |
URL: www.rosequake.com/static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac22025232-20240427 (GET, HTTP/3)
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (1299), with CRLF line terminators
Hash: c4ab6fa36490a0cccc26ac7bbdd04c89 84c2e019f93a8db7c1607d6d9a74e3f2f9f11e00 f83b8845cc1020d205c0e74e9d68882bdda292334a8d4e4c9cddf5d7ce07e3d7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:44 GMT
etag: W/"0b2bf316db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeFsN4%2B%2Bdd3OaPuoLp3AaSYknvOwTXN8yaPNuqYcxvUfGjsi08%2BVup1NOekd6xWMmOJnDYH%2Ff6XC8OAWJ6P5nZZ5PwJJOzbNpU3%2BO1yP7JWCbeYhU%2FKBfsNCYF5nJbsF1OfJqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b8156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 82 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ISO-8859 text, with very long lines (65244), with CRLF line terminators
Hash: 922da84a8e0006cd38b130a4987f6710 6a727fa12390dfb07934d52caffb1c8cc3bf8e17 f6fc102e7f94584f245c3bd6b6b38c4008a1782d7e12d4c663f43cc020190123
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/lib/bootstrap/bootstrap.bundle.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:23:40 GMT
etag: W/"0fe548f6fb0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KfjWzoLL4hO1OZk8fMl1OF8Fun3LTzT%2Bxh6%2B1kCItmDclAiA2jm7E1yqRQe00Y%2FUcexPuxLYIIe8%2FIX1hhchDDdgwgZ0wEUEOzeEZyeZEhRQZSR9S5B9ohdQVbjC6%2FG2FDd97Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b7456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/c9253861e40edd923d3ac7749c815e14_600x.gif | 104.19.235.103 | 200 OK | 20 kB |
URL: GET HTTP/2 img.staticdj.com/c9253861e40edd923d3ac7749c815e14_600x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 5ceb632798d21262b562c46b8731325b 15c2e19115d1d84d98ebd93faae96ec5ab66bc2f f7c6f035c0a34447033bf25c1a0b75b8634a12b329da11e045ec3217b05581c8
GET /c9253861e40edd923d3ac7749c815e14_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 19630
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=57609
content-disposition: inline; filename="c9253861e40edd923d3ac7749c815e14_600x.webp"
request-id: 741bbce0-5b35-43c7-8ebf-d926da1639d6
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 05:14:12 GMT
cf-cache-status: HIT
age: 1328493
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5W8ZWjE1HQfl9QC8pIR%2Bs9XDNH%2BNQPyDc26%2BR4BTvUbtryPGRaXWyZXfvwdqPwBDqQPJO3ZDkul5ti031RphSXMPbJEgt4MOeJZOTB5q%2BDmn%2BuY9eV%2Bdv0M%2Fhu5O%2FBZVRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44879b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/0d6e8d0701e53234033de17232ab13c6_600x.gif | 104.19.235.103 | 200 OK | 33 kB |
URL: GET HTTP/2 img.staticdj.com/0d6e8d0701e53234033de17232ab13c6_600x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: c17bb512354bbad0517858a438ecc209 5d5b12c99f9bfb905d44670014a1deba173698b5 4161427620af49b7e95d31529bf41f533bd00854e0b425cc27fa59c4f1879b51
GET /0d6e8d0701e53234033de17232ab13c6_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 33024
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=88577
content-disposition: inline; filename="0d6e8d0701e53234033de17232ab13c6_600x.webp"
request-id: 41fe087b-3e90-4908-a042-de198929d72f
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jan 2024 23:13:25 GMT
cf-cache-status: HIT
age: 4958775
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XBCmcA2sd%2Bit5RuPU4IJPtMaByJ%2Bc1bD3oLAFu%2FLxUJm5%2BCcVsh%2F8wozD%2Fnem3C669dTrWofIwHaGU35%2FnRs0vwiTEQUB20vRQQP8vI2HAUKeg3pGmITPe1NZrM0WGo6x8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.000053
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a45883b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/070d153349c79c7deb2c73960de15682_600x.jpeg | 104.19.235.103 | 200 OK | 21 kB |
URL: GET HTTP/2 img.staticdj.com/070d153349c79c7deb2c73960de15682_600x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 5c691090b454f1b36126b4d03ea1bf34 d47cf6b47047b65f231e4f9fa28dd95b0f693d0e 593bcf24ea1da41a5482b63134228ac274d503963897129fa24f268a460eed20
GET /070d153349c79c7deb2c73960de15682_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 20786
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="070d153349c79c7deb2c73960de15682.webp"
expires: Wed, 06 Mar 2024 20:01:56 GMT
request-id: c6fc1e99-4d63-44b5-9e8f-f22db30bda9d
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c6fc1e99-4d63-44b5-9e8f-f22db30bda9d
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:01:56 GMT
cf-cache-status: HIT
age: 735518
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pqBajPCG74DM2N7iBCZKCUoP%2BwrufSKutqQumlM%2FPLqiAbtgWWXYN%2FlRXcbULl19DhektA%2FtCoiNmG8%2FvBSeCg7ppdDKynX0PS6tgCQlWz0jjgnzz7%2FGznQ0z%2F%2F8Y54p1Qw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.999878
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44874b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/72767f2271b74ee198e09a21d56e3541_600x.gif | 104.19.235.103 | 200 OK | 19 kB |
URL: GET HTTP/2 img.staticdj.com/72767f2271b74ee198e09a21d56e3541_600x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: b27276b892f3c67098c0947293ed666a 435595e3bbfb2e6198331d3ca8eccdb01be2b937 ff19b713d662bd5a49453dd486265f365d5a32d8c50b1c210ce313727940b8d8
GET /72767f2271b74ee198e09a21d56e3541_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 19084
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=63049
content-disposition: inline; filename="72767f2271b74ee198e09a21d56e3541_600x.webp"
request-id: e3676804-8c34-4fdc-9850-38a06ed24b0a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2024 20:44:31 GMT
cf-cache-status: HIT
age: 3583457
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VsTFf7xTd5uadXpkkoWeBxCThyMRKX0YyWWgHD%2BAW4OzP5NAR9o1IAkUcE1sBQlImstVWJ4xhPzhqHDhtDXnalNhN9qKMFJ2whUScl69Y7cSPaPXGwRdEn%2BToR6EE%2BHBiEA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4487eb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/assets/sass/sidebar/sidebar.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 29 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/sidebar/sidebar.css?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (41614), with no line terminators
Hash: 30514b5eb429ab4f3e8b766d6c6ac06c a5c42cda1bb44a83c4fe9ca5221825ca1d0e53cb 31d5a65ed4f290361fa9f6431b3fda6ec771b90d0f7cc1403576637af527b9bb
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assets/sass/sidebar/sidebar.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ETwcV%2BhfnLwi2izD%2B%2FDhs88mkG0pNNtgNPrp%2Fw7owI3cW5iMCn2PfDZDfTh6NQwxh77SFpMjo5Vk3Yv6AAzvKZ4xElOT9PWMUb8EKwSdkgn8cEeO7RjdDqFEgQd2a3J8fjrCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a17b3556c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 56 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (65501), with CRLF line terminators
Hash: b01da78c5d4905c9961b0f6edfa28c3f e51d3d15baa13e0cda9b2e6637925c74c8655a4c 691ffb9a7ea68f1b92aa89bfd4392bfe7de445a153c28ef4268aa192215d3ef7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/lib/fancybox/fancybox.umd.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:46 GMT
etag: W/"0dff0326db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKnFM6x2%2FdEnQucLuxS4eVjrEvcCFQeRLRBlmUSr3dfh%2FLLuq2oS9U8%2FC3wvAQIKzU7URCcXQLPgZIHvJv1EM0J9pvDXqWKd6gNrh0g%2BxSQ3x3TUbcaiqrOo5CStMDI%2BMKnsWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b7e56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/3245df1dd364f2b1284301de13e1f57a_600x.gif | 104.19.235.103 | 200 OK | 32 kB |
URL: GET HTTP/2 img.staticdj.com/3245df1dd364f2b1284301de13e1f57a_600x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: a6409efe2766bf6ca61a9fbb47b13d19 539281a4af53e949e0758c08acde561cd9b733fc 1ea89e37fd0728b37764328658726f9d3c9e2d81d8d9e4ab4895a77a93ee413f
GET /3245df1dd364f2b1284301de13e1f57a_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 31462
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=92940
content-disposition: inline; filename="3245df1dd364f2b1284301de13e1f57a_600x.webp"
request-id: 3731b15a-11e2-42fc-959d-5e73e776e91f
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 00:37:28 GMT
cf-cache-status: HIT
age: 710352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8L%2BLuu4dkN7Az4oxamvilqnZk%2FAvAOG7XFgbFAA6mArOL193RBHjvPB9Soh6gUKKpEHUuxrzzWvl7D3VRgu8gflZ2pPox3oxYedeZZ14HUxTRqVbcCjD8ku8Y9B8%2FwTNHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=26.000023
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44882b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/lib/slick-carouse/slick.min.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 42 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/slick-carouse/slick.min.js?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (32026), with CRLF line terminators
Hash: 04f7e97a54f61407f230196b17a3b5c8 e3d1d3bdc40c2e3788e2b83b1cf70084e330eaa3 254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/lib/slick-carouse/slick.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:42 GMT
etag: W/"0858e306db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cF8P%2BDd9y2M5%2BjyBsI%2FtKOlrz2QNrp%2BJudAxUm2RLfj0HrB3hddosQzGHYx171p9yM8E8HhyYyvC2N2Z1%2B1o1oHlowtaCsTqLQgp8o8gOwSAcHLzAiK5Ikad2tpmjTU7pWoPhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b7b56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/bootstrap/popper.min.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 41 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/bootstrap/popper.min.js?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (18706), with CRLF line terminators
Hash: 777f8a32fe7ad62a6c5f1e649bc3616e 41feeaacdff5f9714848b7bbe55739185462f2ab 7a409fd037337862ad8373afd1e77781984d6961c90c00d901ae04664768b01b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/lib/bootstrap/popper.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:44 GMT
etag: W/"0b2bf316db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X2Yxbop3%2FQYBBf3aIIBCuVWPV%2Bhs17mnUOLnZ3hfrbX55llj9raTHAjM8BfKFvFy9WgaMEhfwpUP1ISGLDMf8nspLKzfLsWALdogSin2aHJw1ag0UGYn%2FV%2Fn5E7Zh7Tl5%2F1I0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b7856c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/4aa192c5ff5f15ea00730eeeb2f98e56_600x.gif | 104.19.235.103 | 200 OK | 36 kB |
URL: GET HTTP/2 img.staticdj.com/4aa192c5ff5f15ea00730eeeb2f98e56_600x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: ddf34d8a6ae904b02838324a148d581c b33cde025e395b28ee2b51968e95fb4a86edd716 440b6848b4f9cdc605eebc75fbbb67e4434fc0d88afea3895ec812e8a4f7b585
GET /4aa192c5ff5f15ea00730eeeb2f98e56_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 36548
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=158108
content-disposition: inline; filename="4aa192c5ff5f15ea00730eeeb2f98e56_600x.webp"
request-id: 9081220b-317a-4b98-996d-ff5695cf5f41
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 22:52:20 GMT
cf-cache-status: HIT
age: 710352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S4IJSfSANfbRznT%2B83brdvVXYVL3niRT2ticgwuyQZp43KIn7I21sb20LsmPv9E5M3UL8t%2FasjoC9OxtX8fGvBk6OJlJPZmPZZ2JtHFWljUXR3CkqIGM8BGTR3yvk1cYA8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=41.999817
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44869b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 104 kB |
URL: GET HTTP/3 www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (1418), with CRLF line terminators
Size: 104 kB (103765 bytes)
Hash: 2e1858a92856a89908a456f977b96051 c9aa6018b21ba84a69e69159f75d73b41354d3ad f07cf5076ef90427551f5f5242ce673107a05737e875e9bd845628de102713d6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/CBDStyle.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Wed, 17 Apr 2024 11:40:57 GMT
etag: W/"80eaa91cbc90da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9vm311swpHIfkA8JU3qn3KOTPQDvQq%2BJ4gml4FPUgTVtgxTSZvfnvDKyg1tWTyqbLVL3jS%2FOxC%2FT6ShO3Y8h4aSLqSy3zC%2FMZztr%2BD07UXoAWIvckYRm%2BbCSDLrjqGImR2%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a18b5656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/assets/sass/base/animation/animation.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 40 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/base/animation/animation.css?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (588), with no line terminators
Hash: ae3be075920a0f6383941a562ca1d463 f69e0cf75305a350af184bfb68c8a76a4e04241b a9689c4c62542817e9915a50df62020a909a63b566cd09af80f42bd5d427b33d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assets/sass/base/animation/animation.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8b6GBmB3Kegx9ey5A2Hbvawi%2BKtV8ewNvneUCcAZyPGy4tIaPP73iESkDfps7eXzTKCzpgMMNWhKrlSMSvpjW2ptqecQ5X%2Bqv2i45MebRi57DoE5Cx7m2XL2QENGu%2FstYfneXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a17b2356c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/assets/sass/index.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 218 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/index.css?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (4799), with CRLF line terminators
Size: 218 kB (218493 bytes)
Hash: 3443516bacfaa66ae391b88d88e33e6f 37d95a74b0cec5732515056a2c9dae72a838f413 cad23b2d2a92fec9b54dcecf79459459a4d7bc4539bcb8c00b334bb319249038
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assets/sass/index.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sat, 14 Oct 2023 18:20:10 GMT
etag: W/"029ee10cbfed91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wu7uk2O4j%2BLNjj63ZS%2BJhqZ%2FBedaWMKQSfaIYlSyGnf1RUrIbYWP1osQ2dMHK0sXd%2FGMs6j6Ik5Szqe8frbx1Urt5zT0TLi6xdpJsOFDclpBQydZcSZ%2FTSu%2FxaWyArLOtYKEEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a16b1656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/0bdfb387111342c9f79a5ed0a000e259_600x.gif | 104.19.235.103 | 200 OK | 112 kB |
URL: GET HTTP/2 img.staticdj.com/0bdfb387111342c9f79a5ed0a000e259_600x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 112 kB (112056 bytes)
Hash: 8e61e01c5c384a45493c35b8b67f25db ba74d4f3df6bb2c7f2d99bb5c4d3867f62588ea2 19be3c58378444aefd764cf358a68d5b91291c46a4e98f1bb1d04bc8d6a8f25e
GET /0bdfb387111342c9f79a5ed0a000e259_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 112056
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=155876
content-disposition: inline; filename="0bdfb387111342c9f79a5ed0a000e259_600x.webp"
request-id: 549646a7-189d-4877-9b90-150cfb5bf043
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Jan 2024 08:06:01 GMT
cf-cache-status: HIT
age: 4958774
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7xI90jx5KvCSUErrFNfYxzYyfZVTFq9%2F%2F8tjoqmK0%2F7gM3PWCJzTGm6VAxTBWCXg5fnF6VRQ4QWMBh4FF9hscuXjck7263hK5IoTmXXs9l9P5dOpZ7JI9lCXOmPkQIlpxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=33.999920
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4486eb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/lib/jquery/jquery.min.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 166 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/jquery/jquery.min.js?v=cac22025232-20240427
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators
Size: 166 kB (166174 bytes)
Hash: 3e4bb227fb55271bfe9c9d4a09147bd8 156837f75f6600ccb602b4efcbd393636c33f35e ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/lib/jquery/jquery.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:42 GMT
etag: W/"0858e306db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4G0hicMTcgvnIvQ9UlGuftRZkvaOBqX2pBwYYLKh75Xub14Cn%2B6t1NBiRBjLgnAZ4ObwdDFo0canxX6TftFVvuw1FluDgKFYP9SYaKNBmzu%2B%2FhcxFMnJQ9nE59zo2mROMotyIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b6f56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/assets/sass/base/product/component-product.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 158 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/base/product/component-product.css?v=cac22025232-20240427
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (39193), with no line terminators
Size: 158 kB (158292 bytes)
Hash: 1044c3cef197bf3574a60b7f321c86f5 be9c4ea7b19a183eec748eae25808d6e1d4b7289 c236d51685d99df1c5646a27f259badae7c284190dcff88487a6e63ff89578b2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assets/sass/base/product/component-product.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISQa1MjRnWEW3rSadwW0FejbMYvT5PwaqBw%2F6fkSSQGVGrymIZBgF1P3LzpTgtkzpZWeTJJRqQOxPZWntPSkHl6OR%2FFLd1bU0zfhssXIqQxcGuarXX63hmBaEVi9aGyb4iFNsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a17b2b56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/assets/sass/popup/popup.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 262 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/popup/popup.css?v=cac22025232-20240427
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (10522), with CRLF line terminators
Size: 262 kB (262042 bytes)
Hash: 482bbe70e21e778f2c511a467d994090 5ac17271181cc9bb17adc708b7645208b11c532f ada0ffd438f67248313dce1f0f7e7c391e48d0f1089a06900892f827b721dc17
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assets/sass/popup/popup.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sat, 28 Oct 2023 21:20:33 GMT
etag: W/"8066b995e49da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A95e1D5z%2Bbddm3xruB1pDFW8NEKvDkP%2BP%2B0vIlOmAh5%2Fv5o5sU0bmtu4aoXWJH65w20DKQm6J0MP%2FMaicgD%2FUlfU0t5z7tf3BvVL7DLPk%2BhhYu40B0cd2mLztZ8CmBq6i8wqkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a17b3456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/theme.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 0 B |
URL: GET HTTP/3 www.rosequake.com/theme.css?v=cac22025232-20240427
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /theme.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: text/css
content-length: 0
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAi%2FGc6cAFBDyUR1zsdkR75U02hHeEF1TWyJstDSXYHz6mSg4rGYOZgNuiGzw22%2FpVmGg5MyXNN1OkSxFO4dfD9N7KOzbFViQ0JHUC8d4Huj%2BTdO68%2FEjpaVVIT6QOLBUKVd3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a24c6756c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/8c6a27ad6c0d760d145addd96253ebaa_600x.png | 104.19.235.103 | 200 OK | 204 kB |
URL: GET HTTP/2 img.staticdj.com/8c6a27ad6c0d760d145addd96253ebaa_600x.png
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 204 kB (204004 bytes)
Hash: 79466905c32ff2a6d0c347b5e9515642 aa715ae401bdbc2e5778f3edc476b6438ffdba98 d62d135e95ca264042e19e4f9b50a106879d046a403e34847a13c4911d2f3a63
GET /8c6a27ad6c0d760d145addd96253ebaa_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 204004
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=375970
content-disposition: inline; filename="8c6a27ad6c0d760d145addd96253ebaa_600x.webp"
expires: Thu, 11 Apr 2024 23:25:02 GMT
request-id: 9b4c627f-8025-435f-a73f-81a840b575bd
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 9b4c627f-8025-435f-a73f-81a840b575bd
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 22:25:02 GMT
cf-cache-status: HIT
age: 1072530
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2BnAtsaBAwEvEFlzhHtzpg8gOcj%2FQdeLGFngGbQVa4Pq4ZwHs76bxCeSu4JlYeucAagW0ie1I2xB6NW8kdIZmh5TnrE%2F1BuFnoOMZGLummH1C1tQpcQ6MgOllx7Z9YOPp20%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=84.999800
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4486cb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/images/loading4.gif | 188.114.97.1 | 200 OK | 6.6 kB |
URL: GET HTTP/3 www.rosequake.com/images/loading4.gif
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: GIF image data, version 89a, 60 x 60
Hash: ee3e67267342c680d45aa26e7a766e0a 456c0413f2d2d7b41218ecc02207c05c31ab4737 ddaf92bbcc4785ceb3b77454898fae6603a82a75ff1b646dd8c387e9bbeb9922
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/loading4.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: image/gif
content-length: 6581
last-modified: Wed, 13 May 2015 02:06:07 GMT
etag: "7c219c5f218dd01:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANazlqPtlQn8xZVIczgnxg0bLm22HarNwFWLDQ3j4d%2FPZgcEaORn5%2FuPRP9i1UKHTqEvwRM5gFbxcogN%2BxjEWARQ4EoSwXNctl0ysqdAyQnr6QaUG0HOzwZ1SaT6RX0z%2BqHbTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a9fca456c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/assets/js/theme.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 13 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/js/theme.js?v=cac22025232-20240427
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash: c5469e9f0e448739e77e540bd0f1d8f5 8527e3f640254d4b9c23d5cc4f9cb205298eec58 dbabd00d3fa2893d1bef0085bc67ddb5624e3cfd72064d07f4b67bd63a011ba0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assets/js/theme.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2024 22:04:51 GMT
etag: W/"80c34d25496fda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucbNPx%2B0KC2zoru3hg35PYnttmzDWoDdiJJZjpO9ziWCKmQFmDciLjTdv4Do9eCphezFFzjwdVg1yXAIE8BJm%2FrSAOlui45sAep6IEk0T9f%2BGOcAo1mSdrleSKunRaL7bzgs8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a9fca956c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap | 142.250.74.106 | 200 OK | 5.5 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP: 142.250.74.106:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: gzip compressed data, max compression
Hash: f7e1a96ecc17bb8274fbcbe020e61eb4 ddd26febbc0abdb2e90ce871e1d0ea63bb5c6dc0 8d1b7c6ff71876bc5843116e8b9204d3aed8c4870f4fc8350dfbbb1e39362623
GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 20:54:20 GMT
date: Fri, 26 Apr 2024 20:54:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 19 kB |
URL: GET HTTP/3 www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac22025232-20240427
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (37264)
Hash: b74c18de0056ed87c5e712eb21074f98 fc1fa797cac8bb89a1416aa2662b2cd74d851d60 4502cf3c096b98c6ed963242ce158fce517d3afd00982d2a8daddce91f30375a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: application/javascript
last-modified: Tue, 05 Apr 2022 21:33:12 GMT
etag: W/"05c40c03449d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2B9ql43yBd2opaWlkr6G5xeHwI3Pw%2Bq4DjfcTLMY%2FcGwUJRb3m8aFEyPpH6JoBSlF7Aix2RpZNNOSPGYEN7HgwB7tcfAqjvCL8LNi4IsesVdF5y5x17uNfwqwWq8vX2JRFsidw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a9fcb056c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| we.chatsoftly.com/js/im_load.js | 172.67.194.34 | 200 OK | 10 kB |
URL: GET HTTP/2 we.chatsoftly.com/js/im_load.js
IP: 172.67.194.34:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Let's Encrypt; Subject: chatsoftly.com; Fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5; Validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash: cc1080d492f422ebfdcc091aa525580d 249685a9d4bec1dd1c3f7761254ef9d23265fad4 9c4416858603f97c66642e57c2a727280558f897be9cd9e52bee4e631ad48671
GET /js/im_load.js HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: application/javascript
last-modified: Wed, 13 Sep 2023 15:41:56 GMT
etag: W/"07a42d358e6d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=reBamseatjDagbTwLqCuVsk9fDTPsdZoQRnMP0PQIDAFodoISNDbBfY2Obbaem8kUvk7bF4mpfRZlKyZSvhxDs5itR%2Bf9M7mnQ0Cc73%2BqowcvMfuGfVXiG0997tslk%2BmzoFyZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977aa581256a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/images/bg.png | 188.114.97.1 | 200 OK | 90 kB |
URL: GET HTTP/3 www.rosequake.com/images/bg.png
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: PNG image data, 750 x 900, 8-bit/color RGBA, non-interlaced
Hash: ccf77e016e248189f1010ef460854b41 ba7980d6188a7581acc6e8e38c7bb3d3377af87b 58eab8be48f2cdd0eff40a5c8834dee3df3295020cc35104611ea2d0346357f9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/bg.png HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: image/png
content-length: 89690
last-modified: Mon, 16 Oct 2023 18:33:27 GMT
etag: "82b653415f0da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40%2Bf03fwNHfuop0PNe6yqEPMsjgyUOCukZ0whcvnZSQLNEO1qYxO3IxnYK2LzrIDjEF4lUhM1bT9kOndLT1qvVS0TVCE3joprUup5imNvyr%2BSuT5NKpFFaEZDzEYcc7vrgMmBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977acbfb956c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/Images/country_list_bg.png?v=d | 104.21.11.35 | 200 OK | 73 kB |
URL: GET HTTP/3 global.akating.com/Images/country_list_bg.png?v=d
IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: akating.com; Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62; Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: PNG image data, 20 x 5477, 8-bit/color RGBA, non-interlaced
Hash: 6c82c39a53d564744f41787731157fe9 c1ed91eb19f49725887d7b8b5d72607500744b5a 0584c02871ac6487ab8a93f4d6a5c1d1b8100061d7485cae1de3e7dcab8ad347
GET /Images/country_list_bg.png?v=d HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://global.akating.com/files/css/countryFlag_s.css?v=cac22025232-20240427
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: image/png
content-length: 72595
last-modified: Sun, 03 Jul 2022 14:09:02 GMT
etag: "0d36072e68ed81:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FvWkvrWJyBmqrwMAt24196mrDKEOXR2RwlQkaWZm35ovllMaVKuIY9U%2BL72df3zsjB2I7m6dVLloJg6hpQplGg%2FmAOonBT4OwkAlPt6aMjZfBSs5NwIcIjetN2cujsukOuYup4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977acbf205694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/Images/country_list.png?v=dw11211221 | 188.114.97.1 | 200 OK | 151 kB |
URL: GET HTTP/3 www.rosequake.com/Images/country_list.png?v=dw11211221
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: PNG image data, 48 x 9428, 8-bit/color RGBA, non-interlaced
Size: 151 kB (151317 bytes)
Hash: 161094bc7dd657d7e721cb097797d48b 46239a5b5d7a4c0c0139e75389356d9a72cc0928 6f97ccec9e464f5cf66d78ad6713a62bb949d02ec98ba7fa4cfcf4587dae7ae5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /Images/country_list.png?v=dw11211221 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/css/country-flag.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: image/png
content-length: 151317
last-modified: Fri, 04 Aug 2023 21:08:11 GMT
etag: "fe4e7dc617c7d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hSHECLDh9NMB4%2FIZDosi2upSMgVND5FoSJjsG%2FR3wnC2uF3%2F3p8Gi%2F3GlR9klYbXnmhjcxjgl%2FwT9F%2FOV2UFYREpAk4zMvi1EvUwafNyRmUIKsVUWWLXAWrNNCbQ22oEOT%2FULg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977acbfcc56c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/loading.gif | 188.114.97.1 | 200 OK | 781 B |
URL: GET HTTP/3 www.rosequake.com/images/loading.gif
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: GIF image data, version 89a, 16 x 16
Hash: 21ab0717cf57aea00e222e6570678b35 d76c0624c7598ffa603475a1ece2ba4e18355879 82d0c69a839a750eeb6bd5d94b7a94ab87b006924e97479ce8c55dc13b39ee11
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/loading.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: image/gif
content-length: 781
last-modified: Wed, 13 May 2015 02:03:29 GMT
etag: "c16ee41218dd01:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Edijb9gNWucav5OZa6gf5kJNM7XUnXPLF80ofKRXzUprKLXznNEqt16JxfqHXOoDNq24Bf0FW0U0xywIFyfU5cqsy4BE0E5GBRaxjrhLd1ZDGvB2GCGfvSFgfoQGFT050bpBRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977acbfce56c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 100 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (5945)
Size: 100 kB (100495 bytes)
Hash: ac74ef9c101add7f2511db4ec05a2348 ebb4423f4cc725ffc2eda07934edd50f8ee98503 28599a49851b73cf7f213aada728ac39c7bf68925de2fe36df01adef1aca3f86
GET /gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:54:20 GMT
expires: Fri, 26 Apr 2024 20:54:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100495
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP: 216.58.207.227:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Hash: 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:54:37 GMT
expires: Sat, 26 Apr 2025 05:54:37 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 53984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.7 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP: 216.58.207.227:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Hash: a09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 03:25:26 GMT
expires: Wed, 23 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 322135
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 8.0 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 IP: 216.58.207.227:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8000, version 1.0 Hash: 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:53:26 GMT
expires: Sat, 26 Apr 2025 05:53:26 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 54055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/js/layer.mobile/need/layer.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 www.rosequake.com/js/layer.mobile/need/layer.css?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: rosequake.com Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (5260), with no line terminators Hash: 633915e62d14a714594b95b974ee0836 e11ebb64a70272c4f35b92fea064f27c4b87efad eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/layer.mobile/need/layer.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Fri, 26 Aug 2016 09:35:36 GMT
etag: W/"024e0327dffd11:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUqeql845e3yoigOAzGVm%2Bn2pH1TzC1RXoDWaaA2DTKpKGJQQpvFbVq4k1%2BLsp0tIGowO8%2BSV9PMGU%2FSAJKRInFrq3dzkjpBUjVJ2MztWa8gonTIAMjh%2BwxURkTTlvG5emZXSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a21c1956c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 IP: 216.58.207.227:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0 Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:53:15 GMT
expires: Sat, 26 Apr 2025 05:53:15 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 54066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/css/iconfont/iconfont.woff2?t=1657020896111 | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 www.rosequake.com/css/iconfont/iconfont.woff2?t=1657020896111 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: rosequake.com Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: Web Open Font Format (Version 2), TrueType, length 37788, version 1.0 Hash: fda53bb64e7c76c9fd7a3feece87baf9 85ea2d508fa5da02d79f393b5779d61e1f3e0d46 868fa7e9273b2874aaa642ace965973f6ec2fba27d5da30211d42f299e54ea74
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/iconfont/iconfont.woff2?t=1657020896111 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: application/font-woff2
content-length: 37788
last-modified: Sun, 31 Jul 2022 07:35:49 GMT
etag: "80b86b27b0a4d81:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6335
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TTXcZQBnMdjH5UBosAXKZUor4sXoVPuT3P8y%2Bd%2FL8XYryhzRmyCLPgQnVAW1e9vHNi9eyBlsS%2Fv7zxg01tSY%2FFxEw0NN3cvTQgv1JT5txKxohN7popOVu4EVtH%2BkBsllrxMX5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977ae090d56c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/image/loading-0.gif | 188.114.97.1 | 200 OK | 5.8 kB |
URL: GET HTTP/3 www.rosequake.com/static/image/loading-0.gif IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: rosequake.com Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: GIF image data, version 89a, 60 x 24 Hash: a72011ccdc2bcd23ba440f104c416193 ba81388bbac5bc223f94489b97a95a13f3c78e47 07236f6814a40623bab43f2043860c97678bc7deedbf06feff92f0d6e6673bf5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/image/loading-0.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/gif
content-length: 5793
last-modified: Tue, 05 Dec 2017 03:57:25 GMT
etag: "5ac952297d6dd31:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFSvp0Guulvj1a%2FCnRmONK6XDZLb0TcKJm9SC0Zxu%2Fe1j11sHDu1L0gBVHMR3oYn0Pl5P%2Bu7M8aBrHMfRwlNBvyvjxRjuHMNwCjwY8i8AkXyfL8jjm28HbgC%2BYU4Df3rBsYFBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977ae191156c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 19 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: rosequake.com Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (32019), with CRLF line terminators Hash: 5fb7c19c9c51cfb99f5ff942629f0f21 14c7f59e73d2a99aa688c2443a9a9b24acbff43c a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:48 GMT
etag: W/"0c22346db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxQtSmkbK476oGUO59Mx3aXhIzCSQ4k70oY%2FOPJe4qs7bkGaHld8tqiJmK6xZaB6oOwnU0cUJ19o5rU97z0hdC6SxP5fIaXG88sZVqzniUTo561hUZUWct%2BWtqvp6vmMw7ahSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a9fca756c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.shopify.com/videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4 | 23.227.60.200 | 206 Partial Content | 3.2 MB |
URL: GET HTTP/2 cdn.shopify.com/videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4 IP: 23.227.60.200:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Let's Encrypt Subject: cdn.shopify.com Fingerprint: 34:CE:56:3A:83:8F:D8:06:E6:52:5C:6D:DE:D5:CD:92:EE:F0:79:DF Validity: Tue, 05 Mar 2024 12:27:42 GMT - Mon, 03 Jun 2024 12:27:41 GMT
File type: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size: 3.2 MB (3205331 bytes) Hash: fd5e187806b02991081a2c8489f00301 b645a0b0b6e16013fbb595ce978300c38c57da22 115e483747fd69f0c0258846c9ec198896819a2853d5367a789b00de108a60de
GET /videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: video/mp4
content-length: 3205331
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Access-Control-Allow-Origin
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 281143b7-4155-48b6-b2bf-cd9d30ba97d1-1709760439
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Wed, 06 Mar 2024 21:27:19 GMT
cf-cache-status: HIT
age: 2060870
content-range: bytes 0-3205330/3205331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mslYrg6a10GVigSeLnJaCNFvlsb1PitwqKiX7AbaUMz1jdUYDNmsdqq9GjhPKC%2F6mXENS%2B1L%2BpNLb0hsled9lmcHOnGkB8qkXTNDnJXxh%2FxRkVOnJbVM1UGv4spKPyoh6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=145.663, imageryFetch;dur=145.133, cfRequestDuration;dur=13.999939
server: cloudflare
cf-ray: 87a977aeca3856bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 188.114.97.1 | 302 Found | 0 B |
URL: GET HTTP/3 www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: rosequake.com Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 20:54:21 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbbNQVt7K5fl9LnbvnAwIxk3o4ETmlN8u9s5NtZFRj6lpq9%2Fe%2BBGNEa6Nh%2BrkBLJtDMGybMOyqyo7TiWq%2BWREss%2FX7LT9KMaqX7kvDTZuFJfrwahFdQMwGy6AYR8PSwir6rrYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b04b5e56c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| web.cbdcdn.com/file/2024/03/10/6af5f59f3be2493b978f6183f82438ab.jpg | 104.21.15.17 | 200 OK | 349 kB |
URL: GET HTTP/2 web.cbdcdn.com/file/2024/03/10/6af5f59f3be2493b978f6183f82438ab.jpg IP: 104.21.15.17:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Let's Encrypt Subject: cbdcdn.com Fingerprint: BF:02:F6:35:4B:B4:AA:9C:11:18:17:94:E4:5F:36:DE:60:E1:F5:D0 Validity: Sat, 06 Apr 2024 06:43:03 GMT - Fri, 05 Jul 2024 06:43:02 GMT
File type: JPEG image data, progressive, precision 8, 1920x667, components 3 Size: 349 kB (348684 bytes) Hash: b5bf33f28c5fa82e80a08995f1c53d71 6d153ffd7cb82c18d4a6494295bf0276ff67d6f5 3b35651386715db3ce846c2af57dbc88e9861691886944711b31bbe8e9880766
GET /file/2024/03/10/6af5f59f3be2493b978f6183f82438ab.jpg HTTP/1.1
Host: web.cbdcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/jpeg
content-length: 348684
x-oss-request-id: 65FE1F60F1151CBBDD422DC0
etag: "B5BF33F28C5FA82E80A08995F1C53D71"
last-modified: Sun, 10 Mar 2024 12:39:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2898822139854134682
x-oss-storage-class: Standard
content-md5: tb8z8oxfqC6AoImV8cU9cQ==
x-oss-server-time: 233
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fv5nzp567LzWdPO8u5AsaKzLYuxUkU%2BnEdlbOHeUl%2FaXlYFO43K324WjEI1C6GKLHOBLjLamm6vpYc6AudSC3i6LsWuEJmhbJdowuO2MAK5ynKlpNot%2BMhuOHU37xNzLJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977af3c990b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a9779c6dc856c4 | 188.114.97.1 | 200 OK | 0 B |
URL: POST HTTP/3 www.rosequake.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a9779c6dc856c4 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: rosequake.com Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a9779c6dc856c4 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12151
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA; path=/; expires=Sat, 26-Apr-25 20:54:21 GMT; domain=.rosequake.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cyYvqLxBYBF1xI9rJc5ZxRTE44jK0UtcjkV8mnHRXnjiWG2bxk%2BEYDDP9kgYLKtOADZkIvC%2FwyHue8kIZu%2FenyNhFVDXxddaOnYV0ku0qbBMNCKTaWQYHf0C5ye7RpY5oOBWjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b33e2d56c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/e33588be6cde09c48fb6e061a2688ebb_100x.gif | 104.19.235.103 | 200 OK | 3.8 kB |
URL: GET HTTP/3 img.staticdj.com/e33588be6cde09c48fb6e061a2688ebb_100x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 2f02bb779ddb9bdb398e0fefdd465349 ba99cb7cb9caca4daac8c9da27a6a58a612cf742 fae85899b8b333f33bb0e5a15aea0948f15c27b4a2f8fdd53762ef3b037ff1a2
GET /e33588be6cde09c48fb6e061a2688ebb_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/webp
content-length: 3810
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=6119
content-disposition: inline; filename="e33588be6cde09c48fb6e061a2688ebb_100x.webp"
request-id: 27a6a0a7-3e31-4fb6-91b7-b2d73c05f98b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 22:51:43 GMT
cf-cache-status: HIT
age: 710347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E483jAgo0H9pd3Ao80y1T%2FAAVYWXBAvrxIk6dxCW6ssykTmRYHhA76xY8wpbgW3ps1jZQJ6NA4tF76Povqiv7zsKYaRQslSN9BadKbo2MuenaEQyx5A53wl3YnHp39wNlSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=21.999836
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b34ac2b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/45a2c95a69cd27a85ef342bf2daa3c00_100x.gif | 104.19.235.103 | 200 OK | 24 kB |
URL: GET HTTP/3 img.staticdj.com/45a2c95a69cd27a85ef342bf2daa3c00_100x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: b015fe5843ec4ee5498184ac437d459f 0c4639d22722561f1d9497c59dc566045a8cdb11 a4a6cde65a86e5f12012f31a1e64b958244fc90395346fd43701a4385cfba28a
GET /45a2c95a69cd27a85ef342bf2daa3c00_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/webp
content-length: 24518
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=26770
content-disposition: inline; filename="45a2c95a69cd27a85ef342bf2daa3c00_100x.webp"
request-id: 162a42e8-c479-4617-a490-bf2e2c869789
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 12:51:34 GMT
cf-cache-status: HIT
age: 1328495
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=724QLm4XeMdDinCrzmDbFXmVfW1TAwN3RVKD%2F8Z8CloQhjH6v%2BoC2I6WttPAeSsmzkQPtE6diJ3riZM%2FGp%2Fo5nJGQDFuWkhpq7utNaUiKODdgbBTWH8n0ys6gZRpz5TK0%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b34ac3b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/bd2be3f97a8263d0c341798c28f90346_100x.gif | 104.19.235.103 | 200 OK | 3.5 kB |
URL: GET HTTP/3 img.staticdj.com/bd2be3f97a8263d0c341798c28f90346_100x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: a54fff23d8193dcb16a5de6ecb236bf2 3eafc61d33c7ad871e5ef7ef10a9a9b69357e250 2b1217d010a990cb46e54c2fb7a92f872332a08b06aa807a2f69992d860580b5
GET /bd2be3f97a8263d0c341798c28f90346_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/webp
content-length: 3460
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=6844
content-disposition: inline; filename="bd2be3f97a8263d0c341798c28f90346_100x.webp"
request-id: 99328114-fabd-487a-93a0-19541baab3f3
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Apr 2024 11:35:33 GMT
cf-cache-status: HIT
age: 626325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=teD8uW22j5Su1KOfeSz5QDfb0tJqZzyfs0q3Bfi8NXR40OOM5d7xpFsswJUNkO%2FU6KRowSIZNc1gj%2FgPqT09CaaNQY%2F33QWNIdKakZDWhRH4JP9UVDVhggPaZpZdT6JfM7k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=30.999899
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b34ac4b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.fantaskycdn.com/75e2af75b44da5f6cd9c193aecb5a548_600x.jpg | 104.18.21.211 | 200 OK | 43 kB |
URL: GET HTTP/2 img.fantaskycdn.com/75e2af75b44da5f6cd9c193aecb5a548_600x.jpg IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: fantaskycdn.com Fingerprint: 72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E Validity: Thu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 1d002d2cceb28edf9f4f802f7e448a21 ce2ef5c9c01a667fac09936fec61a6fe3b81cf0b 549619640a9ba26ec114ededd8af8772d1b554b7d584c3ea15bdd809861d75b9
GET /75e2af75b44da5f6cd9c193aecb5a548_600x.jpg HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 43186
cache-control: public, max-age=31557600
content-disposition: inline; filename="75e2af75b44da5f6cd9c193aecb5a548.webp"
expires: Sun, 27 Apr 2025 02:54:22 GMT
request-id: 103ec4cd-2ec2-4f15-a3ed-a542425bd3a2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 103ec4cd-2ec2-4f15-a3ed-a542425bd3a2
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:34:41 GMT
cf-cache-status: HIT
age: 710348
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b3bd6a0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/js/video-js.min.css | 188.114.97.1 | 200 OK | 60 kB |
URL: GET HTTP/3 www.rosequake.com/js/video-js.min.css IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: rosequake.com Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (45950), with no line terminators Hash: fbc92259a04709e2f8a10960e574e5fc c03562e5c2c407426076f7f844f0c634631ea0f0 48876176ecb5cf6cdb8e7d91c8d63b89f6bc3fa8fb4b67a595c0a59940a433a6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/video-js.min.css HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Thu, 26 Oct 2023 05:20:16 GMT
etag: W/"50afb71acc7da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6IgsVj99PrBh97vXeN7UVnkEEGY9snQVdSgqS3Q9uOjaOlIhDURanrVX08y5NgC9mjh7FgZPoPW2b58arB4qd1nlNSjU3qo%2BwrzCDcoYdswWbVG8Z2MjSZzUUN17TZZL5isPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a24c5c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/3767a66f878a8bb251fec712221a2809.png | 104.19.235.103 | 200 OK | 80 kB |
URL: GET HTTP/3 img.staticdj.com/3767a66f878a8bb251fec712221a2809.png IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 3c450f4f2e8970abb3da014e75c849b4 5778751906436229db18ac23694ee0269b2e9934 e534cf17aecbc3189015e7a225aa82c83be16b57036dc09ece578147ed1b9705
GET /3767a66f878a8bb251fec712221a2809.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 80406
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=128110
content-disposition: inline; filename="3767a66f878a8bb251fec712221a2809.webp"
request-id: 0763fafa-6c70-4e57-b825-e1dd52692035
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Feb 2024 17:08:26 GMT
cf-cache-status: HIT
age: 4958777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cnMnR%2BiOj8Csa8WPxcG80wXheoe%2FELOgD0HMdx%2BVBStCjVV%2FPuiC2vnv1895X8gxSAxBvtqFrMLAmaWyDTi%2FgC2Ki4SGRCJYGeV%2FrCRUcaWNa%2FvzNDskt1id6%2BiwlEhaxx0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.000095
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b38af5b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.fantaskycdn.com/f20d99174929d59cbc89e47591902b55.png | 104.18.21.211 | 200 OK | 36 kB |
URL: GET HTTP/2 img.fantaskycdn.com/f20d99174929d59cbc89e47591902b55.png IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: fantaskycdn.com Fingerprint: 72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E Validity: Thu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 607ffd7b5013c25d42ae88442a285ec5 bd682fa1ef03f611bf846baecf1851acfb9fbbd8 adcbd1fbce6030fca678f1ffa9a9e04f2a687cc463bd7387b86421e82d53420c
GET /f20d99174929d59cbc89e47591902b55.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 35982
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=84309
content-disposition: inline; filename="f20d99174929d59cbc89e47591902b55.webp"
request-id: 3af69a90-131b-4225-af87-6082240606b3
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Feb 2024 08:49:22 GMT
cf-cache-status: HIT
age: 4958776
expires: Sun, 27 Apr 2025 02:54:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b3ed950b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/b87aac99bbd03a02888546a08d17b466.png | 104.19.235.103 | 200 OK | 69 kB |
URL: GET HTTP/3 img.staticdj.com/b87aac99bbd03a02888546a08d17b466.png IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 59bdb4af411d24221dce1bbf4ca6f3c1 f6fdb8d63aa229a804cb2fe6a4854fa65ea445a3 5a495e6dde820a0f44a974b9986ecdf51626af58b151bd876f76734b63dd933d
GET /b87aac99bbd03a02888546a08d17b466.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 69166
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=117635
content-disposition: inline; filename="b87aac99bbd03a02888546a08d17b466.webp"
request-id: cfdf9f0a-909e-4f03-9d79-18ad9fc94ff2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Feb 2024 07:18:12 GMT
cf-cache-status: HIT
age: 4958778
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MW4%2BwRzrLTF%2F6kx0UGC3b92vlIkXfbXFYhOiUeizSyzh7gu4yAlOrzTx5A4aCe29u%2BXcnC4PBbf9CCWlVhQKQkD8Ea%2F6ctnSODTJN5UZUNiZBOKVBuCyms3HwoZTLx%2F0Hk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=32.000065
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b39afeb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/c80e7270b6c98dd3e322f70f9a74991e.png | 104.19.235.103 | 200 OK | 49 kB |
URL: GET HTTP/3 img.staticdj.com/c80e7270b6c98dd3e322f70f9a74991e.png IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: e27f5f615b5930b51a047d2b0d592000 95c81f53184a61065aece44baaed693a161c39ad 9e45ed2d61fb56cd6e8f178566a794554355408531319f566b78e86fc93d213d
GET /c80e7270b6c98dd3e322f70f9a74991e.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 48948
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=83317
content-disposition: inline; filename="c80e7270b6c98dd3e322f70f9a74991e.webp"
request-id: 12589264-0535-4c27-8114-f9699de3d2f2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Mar 2024 20:29:12 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4CV6iv%2F7qFSZG0UDVM0MQ2TYEQ2vnDx1DkOUVQTqxvk9eiCBzXqeNH4%2B7KimODidsxt4CcAkWq9XeYxgPJm9B7dK07E0PDSQ2LFvrAFvuu3OeS6LQxVX1NMio9YOfLq%2B0GM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=28.000116
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b39b03b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.fantaskycdn.com/d7d3c1935ec493796e9ea29c1c72fa35.png | 104.18.21.211 | 200 OK | 36 kB |
URL: GET HTTP/2 img.fantaskycdn.com/d7d3c1935ec493796e9ea29c1c72fa35.png IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: fantaskycdn.com Fingerprint: 72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E Validity: Thu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 15fba0b1d6e41d214d7ab9031a2516a1 260d5b5e284d6e69f2b774c298d7a9eb6044fa3a 67722342495e164a8f4eeb967474d8f1a56e21b5aa2012af6d9a7ee904bf8a42
GET /d7d3c1935ec493796e9ea29c1c72fa35.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 36064
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=78274
content-disposition: inline; filename="d7d3c1935ec493796e9ea29c1c72fa35.webp"
request-id: a2280487-077a-43e8-b5d7-f5471b674033
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 21:36:52 GMT
cf-cache-status: HIT
age: 626326
expires: Sun, 27 Apr 2025 02:54:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b3fda60b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/lib/bootstrap/bootstrap-grid.min.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 241 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/bootstrap/bootstrap-grid.min.css?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: rosequake.com Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with CRLF line terminators Size: 241 kB (240974 bytes) Hash: 7dbc3c16a7a1e0d4941608290b1cb218 d9fcde029ae22c446ced020bd143bc4c47eb7d9c 871f218ccbc29aea08acee4ff6164888af936d0b6f604c1658e3b19094660e9a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/bootstrap/bootstrap-grid.min.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BUbdehoZEu6M5Q8Ze6iMfeFzebMiGxiKizSG7rhRcHdWashfWjBjcPL6xWJypKkPZJ9j2yqM21kwlg2Q2mkqhnlwFCalcP5mrqGaBOW8iZ1O8YYieIYf0pQDd92r4iicvehAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a15b0e56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/ajax/index.aspx?action=UserInfo | 188.114.97.1 | 200 OK | 15 B |
URL: GET HTTP/3 www.rosequake.com/ajax/index.aspx?action=UserInfo IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: rosequake.com Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: 00d746e4b7a743d7815f126764dbf5c0 46247b4f29333cdfdf067dc2c5d449fffab7f77c 786a593906565372853a05afa202cc6228dd70e479befba3096965a06682529a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/index.aspx?action=UserInfo HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: application/json; charset=utf-8
content-length: 15
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ffYlaqxIo3JG1rMr67j4ihtRj0Dh7ynMiU7I6VhDAXCxZz1EKQAxg5nQGuaNhWo6aCrH2Wg275O8I4wIIteNeAUSeRfXMrTbByEF7ujlObs44fVqGNqU5i%2Bw02rUv%2BpK2Qg8wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b34e3d56c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/2374bf3561a464876edb3bc32113e8c2.png | 104.19.235.103 | 200 OK | 105 kB |
URL: GET HTTP/3 img.staticdj.com/2374bf3561a464876edb3bc32113e8c2.png IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Size: 105 kB (105384 bytes) Hash: b8a9a8b11cfa4355c2bd061448263df7 f6973877a03918c6370afba48675782b124a35b2 27f93e215aaf90d8d6a44707b508dd79356b3f291d7ec1b0a11799a9f2c2c650
GET /2374bf3561a464876edb3bc32113e8c2.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 105384
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=135462
content-disposition: inline; filename="2374bf3561a464876edb3bc32113e8c2.webp"
request-id: e60920f5-bb2f-42bb-b2cb-bddb5ba7c591
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:37 GMT
cf-cache-status: HIT
age: 3583459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwbBQGAibDbBiNE393DhYyAMfVNLuDFZaF12EKKtBxoR6O3Nv9qJErKnNrx7Ujn2kPNcAb%2BNkBWJ%2FHcDdOXdih395Id8PiQltnTMJSKdduZLD4sKPabvEg%2ByRWgeVOCjcKY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=21.000147
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b39b04b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.fantaskycdn.com/13ed9a20da4686310481089ced22245c_600x.JPG | 104.18.21.211 | 200 OK | 98 kB |
URL: GET HTTP/2 img.fantaskycdn.com/13ed9a20da4686310481089ced22245c_600x.JPG IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: fantaskycdn.com Fingerprint: 72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E Validity: Thu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 600x1059, components 3 Hash: b9ad1f4b7fb9840363a9b893856d6a28 aa28392d4f8c3dfa7fa459ea34152c0d53f05dcd d8e9545e688f68cca472e98e8b61042f122feb10e4b4900e1a4f5f357048ae41
GET /13ed9a20da4686310481089ced22245c_600x.JPG HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/jpeg
content-length: 98074
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=98176
content-disposition: inline; filename="13ed9a20da4686310481089ced22245c.jpg"
expires: Sun, 27 Apr 2025 02:54:22 GMT
request-id: 176dab8e-88d1-418d-89d4-5e7f2db14a2b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 176dab8e-88d1-418d-89d4-5e7f2db14a2b
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 14:24:27 GMT
cf-cache-status: HIT
age: 626326
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b40db40b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| global.akating.com/static/images/country/RU.png | 104.21.11.35 | 200 OK | 339 B |
URL: GET HTTP/3 global.akating.com/static/images/country/RU.png IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: akating.com Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62 Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: PNG image data, 120 x 80, 8-bit/color RGBA, non-interlaced Hash: 793e22ff1f1919260bf5dfbfa4f49536 380584aaae3e07373545f567609e2dd3b0da1399 3155f1bcf967e2d240cdf21dab23ed98c92c2a4e9b77ccf3dbe9418c3ba053ca
GET /static/images/country/RU.png HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/png
content-length: 339
last-modified: Sat, 16 May 2020 04:28:08 GMT
etag: "8ed0c2663a2bd61:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXEKnilxWOQPUZGRq7tpx%2FD9Xj3A8IEElyCfnx1kDtqJQU3lLk3fGKuraOAcXPujFxpWZNBk66x73kfuE8MasXQK8I3clGQc%2BxxyBuZwqbGPq5QwEJ%2BmLWrYoPAlikXBKIt4n2k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b638dc5694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/static/images/country/GB.png | 104.21.11.35 | 200 OK | 1.7 kB |
URL: GET HTTP/3 global.akating.com/static/images/country/GB.png IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: akating.com Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62 Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: PNG image data, 120 x 80, 8-bit/color RGBA, non-interlaced Hash: 7395045bdbb57b20e5aa639f1ab3c0f7 4b26239d94e6e14a41bc7cec5d7f2064ecbb3e47 78516cab66e3a8dfa9b964b4c397fecd1ccd9d6b7322380d1bc39760c0f43e1a
GET /static/images/country/GB.png HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/png
content-length: 1674
last-modified: Sat, 16 May 2020 04:28:12 GMT
etag: "9e97ce683a2bd61:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dgen3Nas9IwfVxK8xfjzyLKASmFrp1nMZjyV0mq66y36qEzntANl%2FzkiUpGasv8LERQchkr0Y9hkwJTaGiAaIxFwg9MHQ18xljMGCikGHxF%2FejUy0K80VQIYC45A%2FxBzXAcEvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b648f95694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/f8e07c16204b3275d317716ba745c3cb_100x.jpeg | 104.19.235.103 | 200 OK | 3.9 kB |
URL: GET HTTP/3 img.staticdj.com/f8e07c16204b3275d317716ba745c3cb_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: e152e1ef0f56a2cdcc94c35f82e65e39 2799d8ae9f98950cbb9b483b008c00cca0261f1a 6a24447bb7aeac36ea1f562d25991e8391ff58f622522da6c967a7c903bbb497
GET /f8e07c16204b3275d317716ba745c3cb_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3870
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="f8e07c16204b3275d317716ba745c3cb.webp"
expires: Wed, 06 Mar 2024 20:06:11 GMT
request-id: 08561db1-25ba-4ce8-aa0e-dd4306916683
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 08561db1-25ba-4ce8-aa0e-dd4306916683
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:06:11 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLz46bjM9XowhKOLImUXhMbSMvqZkm1pBaHGF28gLe%2BBAxF5R45VCTSfATg2v1Yh7WDzONtIYMsHx%2B7hmSNX07MQl2UcPVfkgyP8zuV9WmZUKj0v%2Bg0eJhj5AR6r6xHGKSE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.000168
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b63dd6b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/Apis/Reviews.aspx?pageSize=8&pageIndex=1 | 188.114.97.1 | 200 OK | 7.6 kB |
URL: GET HTTP/3 www.rosequake.com/Apis/Reviews.aspx?pageSize=8&pageIndex=1 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: rosequake.com Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: b78649165192b13a47ed346f880ec210 54341ed793694d7f0710344d91bee65e18c8118c 7aff79a2c12432917c9853e4480e1fc2dfa328e1b24a24ed6f1d9350569d67f3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Apis/Reviews.aspx?pageSize=8&pageIndex=1 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: application/json; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZV7lxFf%2FvbOsxU0nj9R%2BD3atC2Y7uQZhic%2Bf%2Fnfaui3%2Fgc0GFqIpK4OChs%2B8u%2FM1I%2F3XCYcTeG6PBSxp0Fb64aU8JjGZ6tj7OxbNxHYHYGvZ6fUx%2FcQBWgEGxPT8FQqzp5ZQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b3be9056c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/static/images/country/US.png | 104.21.11.35 | 200 OK | 1.7 kB |
URL: GET HTTP/3 global.akating.com/static/images/country/US.png IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: akating.com Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62 Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: PNG image data, 120 x 80, 8-bit/color RGBA, non-interlaced Hash: 8d4c6abfb5a2710d832c9ccefe0aee40 fdb1f9fe27953b701fbd8c37b201c99e33910d77 4a22c5ebceef499edbb389f78c5d81fd3b1fcb43528adf5fb00fc40e2d9205bc
GET /static/images/country/US.png HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/png
content-length: 1662
last-modified: Sat, 16 May 2020 04:28:09 GMT
etag: "2afc4673a2bd61:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VeaZvL0rjIEDQdugvHXsiA%2FFdG5z0%2B2qc%2Bxeh%2Fx%2FXrBvWU45i%2B2scmETZs4p3Ru0nT%2B2HT0yNlewa87qVMYWrnnYxjHYL4ttmcIkl37UjUhLTlZYN5kNdX5uRrtHfduVXwBLFos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b6590d5694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/859b076550ebcc4204818a464b0e76d1_100x.jpeg | 104.19.235.103 | 200 OK | 5.0 kB |
URL: GET HTTP/3 img.staticdj.com/859b076550ebcc4204818a464b0e76d1_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: fe7359946541eae7f72fc32fb9a8647e 9a842bc5c44da6841d3de24a2bc4f3eb59d0fb11 251cb6002ca819e00a40ee07169c137d113f6eea202dcd480cf3d463d9ec5f7d
GET /859b076550ebcc4204818a464b0e76d1_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5026
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="859b076550ebcc4204818a464b0e76d1.webp"
expires: Fri, 08 Mar 2024 06:51:30 GMT
request-id: 8d3d0442-ee35-4251-8a02-9d12f670b57a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8d3d0442-ee35-4251-8a02-9d12f670b57a
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:51:30 GMT
cf-cache-status: HIT
age: 3583459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHbfRVHCbkQIxWr%2FLuPiJRO6U7YxvYc5rGfmWvI4pizNHrszCqaCWtxNB1Ww1oJDxlP2knQi8Cjx907RDPWI1JkeLcvsNDKt7eSSxWQvDTlb8rPSL1tVzdmL9tsuf2TUvR4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64de1b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/d4a340ce46744f358a4d324fe7dffc27_100x.jpeg | 104.19.235.103 | 200 OK | 4.0 kB |
URL: GET HTTP/3 img.staticdj.com/d4a340ce46744f358a4d324fe7dffc27_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 1d1cc3259f964e63a095acd3d0d2d3fc ad510ac4bbed99617c82f067b4ca0319c2dc792a d7f6a4632b5fdd255e7360c4dba402fab4a87ee8ec97afe519872eda47937065
GET /d4a340ce46744f358a4d324fe7dffc27_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3998
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="d4a340ce46744f358a4d324fe7dffc27.webp"
expires: Wed, 10 Apr 2024 15:24:27 GMT
request-id: 48869618-ef5b-41ce-abb6-04bf991914bb
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 48869618-ef5b-41ce-abb6-04bf991914bb
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 14:24:27 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKnxK6XJC3AK1XBe3eAoWr7mS5ekSlpx3W8NNw8ajxZpie2%2FcJHzSjMaXMrJpqCUsvxdlws1Fh4TeBiqP17dkHViqIkeLQquE0WShY2uQfmz3R9PE%2FYNiZiH%2BFbfV3y6c%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.999981
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64de8b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/dd2f847011f9155460b01f52deeed91d_100x.jpeg | 104.19.235.103 | 200 OK | 7.1 kB |
URL: GET HTTP/3 img.staticdj.com/dd2f847011f9155460b01f52deeed91d_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 1128c40e76cd48449ad772f6e19089ac 2d8d89e3b76cae4f2035e8b14ca339d19784ba2e 6a8522e0ed15bebf6fed9dc5256fdc72afbdf6a3e272bd2ccd6f33b7be7b114c
GET /dd2f847011f9155460b01f52deeed91d_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 7094
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="dd2f847011f9155460b01f52deeed91d.webp"
expires: Thu, 18 Apr 2024 01:02:55 GMT
request-id: a8d2ba84-a6bb-475c-93b6-9323cd5e219e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: a8d2ba84-a6bb-475c-93b6-9323cd5e219e
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 00:02:55 GMT
cf-cache-status: HIT
age: 142982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4qJ3Dqq9b8aaWA3mdQhTx%2B%2Baaj%2BpK%2FMfWztSIjjy6AfHCnYGKhMk6yRLZJVbn1RL7ml632x3OZHTjt%2BdOb9Cqk0FQ%2FeMHVNB9qTZUi6iWNe8kqLyjpB3bHVOYNfsXGqgXkU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.999981
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64debb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/bab7df84c94a403c00a0e4dc7dba2b59_100x.jpeg | 104.19.235.103 | 200 OK | 6.7 kB |
URL: GET HTTP/3 img.staticdj.com/bab7df84c94a403c00a0e4dc7dba2b59_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 9ea0fedf1d8f2c80fa822762ca4a6eae c92733b5af62413fcdfa7007ead0f231d690e01e 1d34b017428f695b9583036322927ee0d89e92a3bdd6cebe58c94fb043235563
GET /bab7df84c94a403c00a0e4dc7dba2b59_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 6680
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="bab7df84c94a403c00a0e4dc7dba2b59.webp"
expires: Fri, 08 Mar 2024 06:23:51 GMT
request-id: cacd44b8-ab45-4b81-bf1d-09f37840e4c1
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: cacd44b8-ab45-4b81-bf1d-09f37840e4c1
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:23:51 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMRfLdTaXiczKOAX9lZL35xfJ4UF4ZOeHt2qnO9hgqRUhPtnmNGmj9lJL0fBBBol9dvRjE4ZGOuAlVQjeB5VbrSy2pIA6N05i1VJTv%2FM4izszBNJ87fGy4mOuN8NOsTvTVk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.000053
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64deeb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/favicon_RoseQuake/favicon.ico | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 www.rosequake.com/images/favicon_RoseQuake/favicon.ico
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash: f033c0b4ab01e492fb3fadb6ca951f06 33e214cc88ca96bb5ab7e5bab69ff93f0f67aa43 26b0ccd197318f6eafe8f4edb28a004830152274194774fe6821c6c3abdb38b3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/favicon_RoseQuake/favicon.ico HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/x-icon
last-modified: Tue, 03 Oct 2023 09:59:06 GMT
etag: W/"091d83ee0f5d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 3129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7NWAsc7pRt9AfAQRReTbRC%2Ft0IzIjGh8G1RI34GuqRt7%2Fwj9wJhpfHrQt1RyTs72ixdWUX4LiP8D4qepFbFvI7PCeQDMP%2Ftsp%2FcR3V6tlBJhMVTM969zi2NvFblEuQud6XfX8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b33e2c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/b63ef38ff60cb0522be49f9cb061aaa9_100x.jpeg | 104.19.235.103 | 200 OK | 7.9 kB |
URL: GET HTTP/3 img.staticdj.com/b63ef38ff60cb0522be49f9cb061aaa9_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: ecbaf1b4d3c71b95ddae6fd5fe22043d 2fe54209b696f37c0487e58e81c0e66d717aef9c 986a8f15245e0a37283c7d0cd57318ef01120a17d974f4e34f3dbc09b98cb50c
GET /b63ef38ff60cb0522be49f9cb061aaa9_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 7886
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="b63ef38ff60cb0522be49f9cb061aaa9.webp"
expires: Wed, 06 Mar 2024 21:09:38 GMT
request-id: c13116fa-f8f4-46c7-8df1-b5360a7d9752
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c13116fa-f8f4-46c7-8df1-b5360a7d9752
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:38 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCFUsfrJLR77d5KmJazKA%2BgWvKusUer%2FCrYseGTTZ4gu1FKIOL6S5I3DAuE8ZnPAbavyQUZBjyvqoTdySACeNuD5T%2B9q6cIp8sfkxZDqkQ1AqDJ658wilIBq2Eai%2Ftkn9lI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64decb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/27779eaff6b7a7c50edbe7e82f0ad420_100x.jpeg | 104.19.235.103 | 200 OK | 5.1 kB |
URL: GET HTTP/3 img.staticdj.com/27779eaff6b7a7c50edbe7e82f0ad420_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 5705c377831b7547072fc32420d24220 d1f3502312f4fdb33b50608dbde7cd68e3c5d20e 057dea6dbb5dfbe45fd2e8c18e2cb44737e363a390142a2730bb0deb28ce5799
GET /27779eaff6b7a7c50edbe7e82f0ad420_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5056
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="27779eaff6b7a7c50edbe7e82f0ad420.webp"
expires: Thu, 29 Feb 2024 06:04:02 GMT
request-id: b63c18da-eb6e-403c-993b-cf15787dae64
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: b63c18da-eb6e-403c-993b-cf15787dae64
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Feb 2024 05:04:02 GMT
cf-cache-status: HIT
age: 4958777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hA5XIlcfG8EGTwgcN1LyPoiMtFGjbzIfANjxSLERf1%2FBDCFedxWA5Q1iQwUfXpHpC593dxPhhTzsce%2F1i%2BpruqqphnZ6mubuxsuDvxZERKSi2yL7VHQGy6MspGXpxGNPFiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.999981
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e07b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/06492e93ca2119d0630f802a7e1ff44f_100x.gif | 104.19.235.103 | 200 OK | 4.8 kB |
URL: GET HTTP/3 img.staticdj.com/06492e93ca2119d0630f802a7e1ff44f_100x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: b6f2cf67555c16d87455ae59d30772db aa5335a17b64cf596791f2212f6b38181ed870e2 efdd757999715a9a87df5aa50e8bec49252c4278d34779a911ffe5697ac957ed
GET /06492e93ca2119d0630f802a7e1ff44f_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 4790
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=8611
content-disposition: inline; filename="06492e93ca2119d0630f802a7e1ff44f_100x.webp"
request-id: 46cf847a-596c-4725-bbb9-31c6f19098f4
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:44:04 GMT
cf-cache-status: HIT
age: 1328496
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIfrwNRAMbLeZ4%2BNGmt85eb9jCRxOGpnoaSXXhqEeq1qjUBMhL6d2m8PtVe6iECZYiBUHTjCu3R%2B1bQSikTTeJAsfud0zqTANvBA62joQKydsjaRWGLbxSBuoYU14CNtWww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=20.999908
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e03b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/f6ff1ab35c2b89fc58a2bf4e809179da_100x.jpeg | 104.19.235.103 | 200 OK | 2.2 kB |
URL: GET HTTP/3 img.staticdj.com/f6ff1ab35c2b89fc58a2bf4e809179da_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: f4e47c1bab71137930bee821d12ec9d2 78de080f41c8c2e96cc3c8b53446df6d0523562e b688a8cd498558db5d55fdcbefe1c1d1cac13119b0eeba82ea9643390ba4fc70
GET /f6ff1ab35c2b89fc58a2bf4e809179da_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2234
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="f6ff1ab35c2b89fc58a2bf4e809179da.webp"
expires: Mon, 18 Mar 2024 20:54:13 GMT
request-id: 36c1f59e-428e-4905-a39f-6795cc028d9c
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 36c1f59e-428e-4905-a39f-6795cc028d9c
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Mar 2024 19:54:13 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m2BxNNKkTMAJOJM%2FqUgkiRfKZsx5gHekmkvk5Ip3xQoYZVn4zS5kE80r0Z3%2FQhASho3hAHpNRH9PZmBJz%2BeqFe5xvHt1tKSe0Ehl6NIjBWTgcovxAL1shFXQp3movh9KlgM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.000011
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e18b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/base.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 23 kB |
URL: GET HTTP/3 www.rosequake.com/static/base.js?v=cac22025232-20240427
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1635), with CRLF line terminators
Hash: b537b42f84d7a25f610f9889a938fa00 e16a71b9a18a348d13436a04171f3e6f65b9a79c be22e743ee67a40014e10f81dbd65e5984bf86f70cedbc73f4f83e194a0de9d5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/base.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Sat, 06 Apr 2024 09:48:33 GMT
etag: W/"80ee6196788da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7saH%2BiusxBY%2FYMvs9EYTHq0bKFqPMqBAmkwe15TOEWWQs2WYupWN2PG77QgWdM7tfjpwdtJ4CE2%2FKSzHxfhiCtT4cjpu9ouJZvaMEGVxpf0q%2FvoCVSKhIFPmmS5DHRwtJvHL9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a1ebd456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/41b845def7e42bc7961689e9013d6eec_100x.jpeg | 104.19.235.103 | 200 OK | 8.3 kB |
URL: GET HTTP/3 img.staticdj.com/41b845def7e42bc7961689e9013d6eec_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 43fe7306dba178012b0dd66f571c08da 1101a6dc7beac9b33ac596fdac099426c2a2fadc 86c72c75bc10c29a434cfee02dcf017dbb7f43ca930d4172bdae036eff2d465c
GET /41b845def7e42bc7961689e9013d6eec_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 8294
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="41b845def7e42bc7961689e9013d6eec.webp"
expires: Wed, 10 Apr 2024 15:24:27 GMT
request-id: 6d91a8f6-6132-438f-b2be-ca5dfdd3da0e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 6d91a8f6-6132-438f-b2be-ca5dfdd3da0e
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 14:24:27 GMT
cf-cache-status: HIT
age: 1328496
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2e1beBLsR%2BeMXMtnkCZTxZWXK%2B8HrSaBIqbiuyHcrnJvG4MaRWkht%2FCnOvtF8PPCbLevT55auHHfQgWL3G44OZTAdvXtWt2U%2FTE%2FvPuGj6sV79%2FmxQ%2Fp5Q8Jqrgomi3wa4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65dfdb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/js/video.min.js | 188.114.97.1 | 200 OK | 187 kB |
URL: GET HTTP/3 www.rosequake.com/js/video.min.js
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65142)
Size: 187 kB (187251 bytes)
Hash: f50c31011e4900174758bb688253b0b3 f15c8636f7dcd7f25798dd2d4a710f4f5fbcfd1a 0990b905d2a411a8f29c0502458419b91932e740cc66b1aca128179cbede5867
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/video.min.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Thu, 26 Oct 2023 05:20:34 GMT
etag: W/"e255b25cc7da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxGotpw4KtugE1tYDWUJyVy8Idd7jHJQ%2B1cQBpXxUEzdqsRWa7CmaAF0vskeeZTGqTJX3mClf4VUfDe7dtXMz5fdSz2tQXhbktjz%2Fh6f6Y9hoCetzDlAAkLwiHU7NB%2FP5fSuqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a24c5d56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/eb1c5479ebc24fcab7025b76859a14ae_100x.jpeg | 104.19.235.103 | 200 OK | 2.4 kB |
URL: GET HTTP/3 img.staticdj.com/eb1c5479ebc24fcab7025b76859a14ae_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: e0352f0066966ca91244aa5df1800f63 0784e3930264c7dec58feb8bc79ac7978bd41495 2803c73fe763d464c634a1b2a6e0daf9f021578eb8c98819972e0930f799af1e
GET /eb1c5479ebc24fcab7025b76859a14ae_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2412
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="eb1c5479ebc24fcab7025b76859a14ae.webp"
expires: Fri, 22 Mar 2024 09:22:58 GMT
request-id: c84f91b1-f923-41b8-bda2-0f16a08eb483
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c84f91b1-f923-41b8-bda2-0f16a08eb483
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 08:22:58 GMT
cf-cache-status: HIT
age: 2724902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7Boz6rJFk8mSCM5BvOe8sg2RWO4l8jBTiKeY8ZHHiQ8D5ybMmB1T5JCKbJpSRcGALdmPQOR3gPHF1qb6qifO%2Bi5nua8BSKH5PeCM%2FYyRCeMQjY9eT8w34%2FNu9hO4G1EWVE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=17.000198
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e15b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/de5a984e245ee620a2f7c425177d3d4b_100x.jpeg | 104.19.235.103 | 200 OK | 5.3 kB |
URL: GET HTTP/3 img.staticdj.com/de5a984e245ee620a2f7c425177d3d4b_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 9d1b45ee034353742e39192622718559 bc2436642677db17d3832e4fa7b8e0a4422bbbc1 14a610e1f8e437b27b40ced462fd8d895c8dfe222f18b759025349d2a09e06f1
GET /de5a984e245ee620a2f7c425177d3d4b_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5296
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="de5a984e245ee620a2f7c425177d3d4b.webp"
expires: Wed, 06 Mar 2024 22:17:41 GMT
request-id: 8be29516-538c-438d-b26c-69e3d41ea6b9
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8be29516-538c-438d-b26c-69e3d41ea6b9
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 21:17:41 GMT
cf-cache-status: HIT
age: 2724902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwujQCfU%2BaocaHmhTUIPC41VvwtZgU6qJWlM%2BXVFJep4ff58A4SSEHnJ8oriH9y2c2haZSBCv3EmB3%2FtMPIzlOvY2S0QvqHvJc%2F6TTUSkotvKEmv9ntSgNbUg1EetIUvY3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e08b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/509669b0dcedb24946c68f508b7d15b5_100x.jpg | 104.19.235.103 | 200 OK | 2.0 kB |
URL: GET HTTP/3 img.staticdj.com/509669b0dcedb24946c68f508b7d15b5_100x.jpg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 9da0c50c4f73310154a41d291b29e96e 4d00ccf2f146b253300004924818e182e9c1fe39 4ef972704c40f6af71e86ff5e3d7beb1562430de320bb3e749d083efe4d67032
GET /509669b0dcedb24946c68f508b7d15b5_100x.jpg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 1966
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="509669b0dcedb24946c68f508b7d15b5.webp"
expires: Fri, 22 Mar 2024 14:00:33 GMT
request-id: 585b675f-aeeb-46df-b84a-8006e16277cc
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 585b675f-aeeb-46df-b84a-8006e16277cc
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 13:00:33 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8mOSPCvW45spEuUuVLrBES6iudbfaYTQqpIQLsZpsZFTCZSTdB99aDtZRVNiGAmu0tvawiMDcntIWyRi3mJnXOu%2F9XamKzHy96a3ZFKQPl11Ko53WtgOor5FIhzI1EvDeC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=39.000034
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64deab4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/b7ac1b47d7f7fc902a851d7f23e3dd77_100x.jpeg | 104.19.235.103 | 200 OK | 5.4 kB |
URL: GET HTTP/3 img.staticdj.com/b7ac1b47d7f7fc902a851d7f23e3dd77_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 9d0002b9d6279b0cd8aba311f21ad1c9 15ae4708187a343dd72d70b4891f676f0695ac75 42c7b978aac7e579e40943d18a132e2f33ab902d4d042eb0433254cb50c920b5
GET /b7ac1b47d7f7fc902a851d7f23e3dd77_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5432
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="b7ac1b47d7f7fc902a851d7f23e3dd77.webp"
expires: Wed, 06 Mar 2024 21:09:38 GMT
request-id: f9b05066-3cd7-4765-8590-cedeabdd4f41
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: f9b05066-3cd7-4765-8590-cedeabdd4f41
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:38 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CnbXoMdk3W6%2BmT056efmuyfoE3keU6thFVjM471Hq6H59Pl3SGE8QTDr8pCKnLd7Kf0cR%2F2ZWE19EQgknNy7PME%2Fk0ICDbcre8vItj2L43JqQplc4trRb8pBZ4PGST%2F%2FrOo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e09b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/a3cda8b10a3f1c83bbf760b52726d866_100x.gif | 104.19.235.103 | 200 OK | 1.9 kB |
URL: GET HTTP/3 img.staticdj.com/a3cda8b10a3f1c83bbf760b52726d866_100x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: da5ad54473a7f27739e5ec1143faac0d 0f2fd05b65b04156154580bd264d2c94a3b6b90f 5f8a052bf202c49f27bd28c076cbf4a77554d45011911898e22a59ee2c23c4a7
GET /a3cda8b10a3f1c83bbf760b52726d866_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 1894
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=6250
content-disposition: inline; filename="a3cda8b10a3f1c83bbf760b52726d866_100x.webp"
request-id: 9e3b3106-e8c3-4a20-b571-36b6a88fcb23
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Mar 2024 18:48:13 GMT
cf-cache-status: HIT
age: 3583459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UdiVSiQ0Ob52TwUobFm%2F9NebdEKa6ywkCTLAOApitFUgoFwaYn9OFnu1woG7hJfOripHF4G%2FY9aovLa5%2Fi3xU%2Fuvh%2BV6WzIKTxhIUO68ekLDaZ3D4KGUCgN3rbMhD1tY0SQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=17.999887
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e19b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/files/Country_list.js | 104.21.11.35 | 200 OK | 11 kB |
URL: GET HTTP/2 global.akating.com/files/Country_list.js IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Google Trust Services LLC Subject: akating.com Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62 Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: ASCII text, with very long lines (55293), with no line terminators Hash: 3dd00c1468c48f40ac11cf9715d34831 98691de8e84697877dfdbf2f9e87149621c64656 0512d7cec7a4d88356a2b50d5254c7884ad61cd7f343c8add98a4c8a4ca77eb2
GET /files/Country_list.js HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 20:39:55 GMT
etag: W/"e08f8ab3b22da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ryTrsFodcfQDPzX4relZR1QTh5a95QCypPPdRvAW1hYvzYMicNM%2FmnrZDwNzGH3Ywr4AUHAFbOQZPGCsPABgx0wuggFodrhM%2FbPQHn7CetZuw6iJNHxFvQPPHcJrc8bdanMHT0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f19b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/0bca6197e2f237c278b094fbf18ce611_100x.jpeg | 104.19.235.103 | 200 OK | 2.3 kB |
URL: GET HTTP/3 img.staticdj.com/0bca6197e2f237c278b094fbf18ce611_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 4931fc397659b100726fa8468f144f8f 3a1eb1ce848c415578bbb343c507d990230bf3c0 aa252b2ee479b70900739c527fd08ace6585df0d0c6f58b4dabaea18b75d1713
GET /0bca6197e2f237c278b094fbf18ce611_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2348
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="0bca6197e2f237c278b094fbf18ce611.webp"
expires: Wed, 06 Mar 2024 23:33:57 GMT
request-id: 8a1c6abb-c6aa-4ba2-874e-3343a53532b1
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8a1c6abb-c6aa-4ba2-874e-3343a53532b1
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:33:57 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LsQU%2BG9rSzybfafC1vCZIa3Grq3wezmRtdTgDdI6V7TzU6NAfC5CMZcy0J3mOWrel%2F%2F6SIpG%2BhF2xIBNRQdNbxOyU%2FNqTEsSzA%2FLdSmrpyOCyzME1Xv80UoOi6negveARdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.000044
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e01b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/2be646a2364d0fd4ada1c0df823e96e6_100x.jpeg | 104.19.235.103 | 200 OK | 2.2 kB |
URL: GET HTTP/3 img.staticdj.com/2be646a2364d0fd4ada1c0df823e96e6_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 500eb6360bf696f982722d078af4f7b0 8a8da7948e09aa85a5f9295070000b4951b35c70 a073b9f4ff059d81451655d61a79f76de5c9d1d5fbca61fbfb70cd8095c25fee
GET /2be646a2364d0fd4ada1c0df823e96e6_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2214
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="2be646a2364d0fd4ada1c0df823e96e6.webp"
expires: Mon, 18 Mar 2024 21:49:24 GMT
request-id: 5e4ab6f5-c2b0-4a14-a5db-0bb55f28a9a2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5e4ab6f5-c2b0-4a14-a5db-0bb55f28a9a2
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Mar 2024 20:49:24 GMT
cf-cache-status: HIT
age: 2724902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hFukDmSlnJZcMfTYx%2FwqFXkPQQxYYoDWYTfCf%2FGAWwHy2wrIahhBjLffqTM1V0HybPc4DpVRHQEdvLObfKr5qMAXudh5TEciHBiMIt8YKVe%2FW5CUpNdQWlphpqRSZr8k%2FLM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=17.999887
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e1eb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/84cc7e684561de314cde018b6a020908_100x.jpeg | 104.19.235.103 | 200 OK | 2.6 kB |
URL: GET HTTP/3 img.staticdj.com/84cc7e684561de314cde018b6a020908_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: b79df0caa544f5f6dd9109393e98b81b fc9af4731ac7003396090d5b9452df202d66de51 6e1dbf2a2d6374ae56638eb40ab6fa2008585d6b9497293f90acc02824e7640c
GET /84cc7e684561de314cde018b6a020908_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2578
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="84cc7e684561de314cde018b6a020908.webp"
expires: Fri, 01 Dec 2023 12:54:38 GMT
request-id: 12b9e180-b02a-41df-9722-6125d9734dea
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 12b9e180-b02a-41df-9722-6125d9734dea
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Dec 2023 11:54:38 GMT
cf-cache-status: HIT
age: 4958777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xCZGXWMBqVP3Mxc9sX2jX2VD0%2F7VBpHNz8sqEMgt9ybKVgWV2kcpd%2FjUoJQE1dxTiCikY5j%2B4OOTuFFPAzqxtcU2e6aooDuR8U4JFwAYaVm4Md5RRDRWysTkcUr1I0RqTdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e25b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_100x.gif | 104.19.235.103 | 200 OK | 10 kB |
URL: GET HTTP/3 img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_100x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: f2380f44185ac131e1c0006431820336 70cc1a582645574994f4c8ab0ee5dadd439a68a8 7abc9aea7d80701fd38d241fb1a79863a900a2abad12bbb4a969642b3f6d25eb
GET /de4fef1b05b5f0293d6da27bf9e0b08d_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 10206
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=15145
content-disposition: inline; filename="de4fef1b05b5f0293d6da27bf9e0b08d_100x.webp"
request-id: 41f84ad3-12b9-4cfe-891e-7be0fc0f448b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Apr 2024 21:57:08 GMT
cf-cache-status: HIT
age: 142980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Z8KePkGTdHJ6swEhw8h7bqjNgMgIC6KVbkp9LERADQiwPB0pGEnan5UflBU4krYge63n23CqJDADVxxEX7XMTQiO2LiRkAL0NeqJuCGvCwwbER9GRY2TQqe32KgI00Sey0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=20.999908
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e10b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/ff4edc9f8feb23fad74ef845533b1046_100x.jpeg | 104.19.235.103 | 200 OK | 3.1 kB |
URL: GET HTTP/3 img.staticdj.com/ff4edc9f8feb23fad74ef845533b1046_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: aea58abc1821b06e732cbf48902b0d3e fdc8d79a2c906037af1eb76bc3291c52356c12c7 f935a617dde7953226058623b60e00f0b3fd5041c12a10e440378868d5bbc441
GET /ff4edc9f8feb23fad74ef845533b1046_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3142
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ff4edc9f8feb23fad74ef845533b1046.webp"
expires: Sat, 23 Mar 2024 09:13:55 GMT
request-id: 4191f7d8-81e0-4791-a9bf-5c0941007ec4
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4191f7d8-81e0-4791-a9bf-5c0941007ec4
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 08:13:55 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJz9PKR6dydPM8z2xJGs6p53yINGpnpTWkkR9fXweWA4nPaSxKHlAabbmmrbkBvEYnHmF7UUbn6%2FEFGOmgoT12HszC%2FkrWxDBfNIKhk8XM2yftnGd11D9ulpb%2FXZOt2pmGE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.000095
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e16b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/706b0aab69dd77b0c961cf8dbb30c37e_100x.gif | 104.19.235.103 | 200 OK | 5.5 kB |
URL: GET HTTP/3 img.staticdj.com/706b0aab69dd77b0c961cf8dbb30c37e_100x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: d3ac7e59e47e3e859f675b70f56ef667 fa71cd2b734a7a4748c30b30f995a80c765280f7 b15b7e1e98284d3c2234947b8934d974e0740992c0ec3b2a07bf92c72fa23a0c
GET /706b0aab69dd77b0c961cf8dbb30c37e_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5474
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=9718
content-disposition: inline; filename="706b0aab69dd77b0c961cf8dbb30c37e_100x.webp"
request-id: 2efa763e-d085-4a5e-8312-9a5296da1f6e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 17:47:38 GMT
cf-cache-status: HIT
age: 142979
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rY7a1Byx%2FXS8%2Fdph6FaNNbh4iP9oiypbKMg%2FZDNk5wuloCeiO8ngE5Qxicki0Fa%2FntHgw7TiaccEh4lxZhlipwZgNQrOUZDz5pN3MNAz0%2FVsx%2FZqts5Jhl%2B9SNx6e70v5vk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.000011
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e30b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/dd51b3cbd397fca23e13c19abea4b9ff_100x.jpeg | 104.19.235.103 | 200 OK | 5.5 kB |
URL: GET HTTP/3 img.staticdj.com/dd51b3cbd397fca23e13c19abea4b9ff_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 5a7decf8f4229f976e0140f63c42c3c9 8fed3d8f86165021156bee40a499d58b0f7f783e 083cd65b8a726ca0b91db7d07ab3199f2a5509363270f788adaa2068941a6768
GET /dd51b3cbd397fca23e13c19abea4b9ff_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5476
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="dd51b3cbd397fca23e13c19abea4b9ff.webp"
expires: Sat, 23 Mar 2024 10:43:57 GMT
request-id: 70eacc54-d9cf-48cb-b85f-803d469a64ae
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 70eacc54-d9cf-48cb-b85f-803d469a64ae
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 09:43:57 GMT
cf-cache-status: HIT
age: 52393
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8iDukFz0LULHDLQzWxajvPMhSg%2B44s5XCTT9ymKnW8LBgJX0RahTtifdi7Yb7COXRWGi0SNbmVYuNObCOq5m6jj7jqhD%2Fkz0XwYLx44qzC20ukX8d2cGeGvEM3m11WGMl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=16.000032
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e27b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/8da1e1a7efc32d52933797747822caad_100x.jpeg | 104.19.235.103 | 200 OK | 5.5 kB |
URL: GET HTTP/3 img.staticdj.com/8da1e1a7efc32d52933797747822caad_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: b8d6601b5dd6fced248d5ae1b3908f2c c7c69ff0ba15031f2054e75af3a5c64d0bbecce9 c488c65d3ca13fa9098c13f23f090838176968ccf0e4e5158a9943a6188fc864
GET /8da1e1a7efc32d52933797747822caad_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5468
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="8da1e1a7efc32d52933797747822caad.webp"
expires: Wed, 06 Mar 2024 20:02:02 GMT
request-id: 71063f1c-84a3-486f-93bc-6a350396ead9
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 71063f1c-84a3-486f-93bc-6a350396ead9
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:02 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmNupwX6dnzXhfrpTpt8S6cpNUR0NSlWqSm97nx%2FsjiILyc8E1n5OiJiHWcZUvhWPOLuQqnoL58fEt%2FP5ejxy5XIUScBtjwNrwcVL2yDakq7YQ9XtDhr3iSjJQj8sUtJ9hE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=32.000065
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e0ab4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/debfb8e4dacf20f6c4af762c205ab1e5_100x.jpeg | 104.19.235.103 | 200 OK | 3.1 kB |
URL: GET HTTP/3 img.staticdj.com/debfb8e4dacf20f6c4af762c205ab1e5_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 22e1aa1d218c8b6ed19fbac3879737e9 09b90ce6e7ea66d455f65a0bce5f98e33d1e2732 a58dfee137102ebbdf58f3d24b1565616c46adf0d47cf7dc034dd5a1ec9ab1fa
GET /debfb8e4dacf20f6c4af762c205ab1e5_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3102
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="debfb8e4dacf20f6c4af762c205ab1e5.webp"
expires: Wed, 06 Mar 2024 20:02:05 GMT
request-id: 4410643d-c9a2-4c3c-bb3d-8fc78711e4dc
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4410643d-c9a2-4c3c-bb3d-8fc78711e4dc
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:05 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=md8pBPtFJd321bkfp4IfN%2BGC%2Fud79n%2B1OtZng3NPyjsd1ZjphdU1qH1XwAy8dcMucYYBG4Inv7EAZSQi6LhnHosT%2FGB%2BgFUXBC8VL1p%2F5lzSdY3OF%2FI%2F6gje1zy3U%2BDElng%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e20b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/b2439535bc4d1194f5e3698c8beffa37_100x.jpeg | 104.19.235.103 | 200 OK | 6.1 kB |
URL: GET HTTP/3 img.staticdj.com/b2439535bc4d1194f5e3698c8beffa37_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 00ec29b63d622a98dd7cc28600480349 7489431bd7be61d351cd4e8f1d635aa70074b9c6 7f40e82134f1f1cbe7a47a2911c5d13d3fe65fec874f3e6e2ce7dc5cf8d1603d
GET /b2439535bc4d1194f5e3698c8beffa37_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 6056
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="b2439535bc4d1194f5e3698c8beffa37.webp"
expires: Tue, 19 Mar 2024 12:01:08 GMT
request-id: 7375877b-f21a-4430-a92a-e6751d248376
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 7375877b-f21a-4430-a92a-e6751d248376
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Mar 2024 11:01:08 GMT
cf-cache-status: HIT
age: 2724902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmqQGH0Er7Jr6fJkl4wxxbTeznue2nyDsx6qi%2FAkCmOj5wOipCUU%2B7zpatrqIRRBdU0pJtmZS70lkzBWmeAq%2BBwy6sIqaANeVQvUyaH93%2BDSfeeBgz2vqQUVLd9xBrWz9SE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e28b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/390237f8831322dc5db1f4a87c8d4cb4_100x.jpeg | 104.19.235.103 | 200 OK | 2.4 kB |
URL: GET HTTP/3 img.staticdj.com/390237f8831322dc5db1f4a87c8d4cb4_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 309e70a7e11577476a73c203935caa99 d702149af3fa2dffc6f697e2cdb9ea265cb630b9 ff535ef033b0e906e7fabcb17346c61b1018068b4f358a71c345bb67fa0ac5dc
GET /390237f8831322dc5db1f4a87c8d4cb4_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2370
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="390237f8831322dc5db1f4a87c8d4cb4.webp"
expires: Wed, 06 Mar 2024 23:34:19 GMT
request-id: 2ca2ae89-7d89-4074-b3c9-d1f6bc901230
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 2ca2ae89-7d89-4074-b3c9-d1f6bc901230
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:34:19 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VigJclj48E3yPLKGV4IEg5CwQM2Q0XTFbvgUf9H0tCvjRVwc%2FxHFWyLEoGlgVGVvYqGIMfeE9BsewXnkFSebGda2YIgzSscZVxwfzcUDs1pqYQ1LO1RLXkN6WxKdx3WLwlo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e24b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/c07c90db188eb5558686d6e3cba11863_100x.jpeg | 104.19.235.103 | 200 OK | 2.3 kB |
URL: GET HTTP/3 img.staticdj.com/c07c90db188eb5558686d6e3cba11863_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 159a287adca47ba28cc23f7007b512de acf6fa74ab7fea8014fb4464c77f254cda490468 269f0e3ee6df922cd2fc38d9c16a64d4c434224ee5fdd10689befdba2c2b2b70
GET /c07c90db188eb5558686d6e3cba11863_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2280
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="c07c90db188eb5558686d6e3cba11863.webp"
expires: Fri, 08 Mar 2024 06:19:35 GMT
request-id: 8324d96d-0653-4f64-960f-042266a8e765
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8324d96d-0653-4f64-960f-042266a8e765
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:19:35 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qEbexxNdaOaoEOHJn%2BRAXbJ4GW9JUkxV29TC2Q24%2F7yrTmdABZ3MWXnnSpnZv63kKKo1318NQ94bkMgDmhBF4k5K1svQxxVAulPR81AtjwHBbfIfc45SM5fPH90Cg1Wn49I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.000105
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b68e34b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/df40a88624b210c98b1d8221f8539b79_100x.jpeg | 104.19.235.103 | 200 OK | 5.6 kB |
URL: GET HTTP/3 img.staticdj.com/df40a88624b210c98b1d8221f8539b79_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 46416c5ba10e11325d905a330124ad6f 32ba931880dc2a4f250d2b25e164b6418153a5f2 231f73b33d461b965eb8aad74a34c69c5dca0b2c27858c7f852bd554aa3d5d77
GET /df40a88624b210c98b1d8221f8539b79_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5590
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="df40a88624b210c98b1d8221f8539b79.webp"
expires: Wed, 06 Mar 2024 23:44:04 GMT
request-id: 3c23a506-97e7-4fb5-8103-dd939a5e9817
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 3c23a506-97e7-4fb5-8103-dd939a5e9817
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:44:04 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RyBx9tyxaKAGGbXDlnP%2B5LkFm2TijpFohcNE%2FxKInNrsHm%2BxbF67h8nKLIgEJ0S9O%2B915J2BjKVVkujzHGPEJPBaw%2FbG6CmPAJiJFpWZ0E2CyQGaYi4HrZ87uf%2BC2HW46r4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e2ab4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/74ef331e09d70cfa31f8b60255227d84_100x.jpeg | 104.19.235.103 | 200 OK | 4.4 kB |
URL GET HTTP/3 img.staticdj.com/74ef331e09d70cfa31f8b60255227d84_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash b050e4ba5a7966a4debaee837cea66de 892a45a8ee95cbdebd36b255b333f88468681726 3954ae88fb4fcc818e9f86f16fe903f84261d493e074d4ddaa137d9f5b4c3827
GET /74ef331e09d70cfa31f8b60255227d84_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 4384
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="74ef331e09d70cfa31f8b60255227d84.webp"
expires: Mon, 18 Mar 2024 20:54:13 GMT
request-id: c978d044-650a-4502-ae47-a73966d88ec0
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c978d044-650a-4502-ae47-a73966d88ec0
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Mar 2024 19:54:13 GMT
cf-cache-status: HIT
age: 2724902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FqWxCd01lYp%2F%2FKcwG5ElKDSHVu%2FnhskR64RdyO%2BQ1DdHPpv3y0OP6IloSW5E7fVelvHp93H3g%2F%2Bx%2FX9XrRVYXHM1Q4fSWJMSeEkRgDXkWgYczqyRG8rg9rZFikCkbk6S1wQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=32.999992
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e1cb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/ca7576731760e11e12dcc5eb9f3744fe_100x.jpeg | 104.19.235.103 | 200 OK | 5.3 kB |
URL GET HTTP/3 img.staticdj.com/ca7576731760e11e12dcc5eb9f3744fe_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 612cb7dd2d785cb4784a26df05e4b5c7 bae921244322088a1f3d1a48f8074c12beb47de1 2e054dd90deba4cf6fcbf8af70b65216afc754d593a7bf110652141a24303cc3
GET /ca7576731760e11e12dcc5eb9f3744fe_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5300
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ca7576731760e11e12dcc5eb9f3744fe.webp"
expires: Wed, 06 Mar 2024 20:02:06 GMT
request-id: c91ce225-31a4-4870-b20e-e8d02fb2c2ae
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c91ce225-31a4-4870-b20e-e8d02fb2c2ae
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:06 GMT
cf-cache-status: HIT
age: 2434185
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVv4CmBkLkGUxLSfm5dkqGcfWWpZuwBCzz3%2BqawaEeIM9VstNoUGJOrhq4tWCvuUR0InRhzNOqRM9SFwz1Dht0HpiXyMe4OWl%2BIphNTlD9VwFVogeH0lCrbHGji92VTxCnE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=30.999899
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e26b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/ce1685b8c6ee64f0a6a62616900beaca_100x.jpeg | 104.19.235.103 | 200 OK | 5.5 kB |
URL GET HTTP/3 img.staticdj.com/ce1685b8c6ee64f0a6a62616900beaca_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash bab263567cbbc100807a7c743527816d 50583c81a6b091a98ec9f13a4ff992be59427fc1 37065fe7a81138315e3f7d1be66f941b4ee1641d1bb15d919601a157d94c44ca
GET /ce1685b8c6ee64f0a6a62616900beaca_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5518
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ce1685b8c6ee64f0a6a62616900beaca.webp"
expires: Thu, 21 Mar 2024 09:36:37 GMT
request-id: 5761189e-823d-49fb-a0df-acc0a3e67f2a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5761189e-823d-49fb-a0df-acc0a3e67f2a
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 08:36:37 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wprOyCFbi%2FOCQwXuEkRn5XL9lE8XUNVJ75%2FpVQlsZmXS%2BtysMezleGal1w1UfMWrNE3gfb2BN35F%2BqWofexcmT4gef%2B2FgRKoJ7ByqaAkJ2ciV8SzfpTuxV58K6TfImHFB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e2eb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/54fe4a6cce98f14244804e0c43ff48d0_100x.jpeg | 104.19.235.103 | 200 OK | 1.9 kB |
URL GET HTTP/3 img.staticdj.com/54fe4a6cce98f14244804e0c43ff48d0_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash c2f88f71eee4da1c3a42c6b7ef72668c 862e9da4023b60dffa58d4e725506240369df751 147c70483c2776c5aeeada3e45e6f07ab92b1bcc68753021e59988e6fa2bdf27
GET /54fe4a6cce98f14244804e0c43ff48d0_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 1904
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="54fe4a6cce98f14244804e0c43ff48d0.webp"
expires: Thu, 30 Nov 2023 14:13:56 GMT
request-id: c51b5f37-806a-461e-8cb5-55238ceaf532
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c51b5f37-806a-461e-8cb5-55238ceaf532
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 13:13:56 GMT
cf-cache-status: HIT
age: 4958777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XvvbqOMqyHYhisbOM%2BiUG8TxUEjP9aqMAhMbWA8OVtKrh8JDJQTA58AwW7qlOixEDPwxXu5KLdLXwylxYD4aisAun5SmSSC2b4CJ1HU4xiGKJG75i%2BeZaQYU9yeVo6l85Y0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b68e38b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/d31eb7a33614c54bc564e6fd60428233_100x.jpeg | 104.19.235.103 | 200 OK | 3.4 kB |
URL GET HTTP/3 img.staticdj.com/d31eb7a33614c54bc564e6fd60428233_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 9f110dfa3d480cb689b095677850243a 9830750faf525ce0895bb1a05c7dc36f6df31645 3ce3f447f9a267e4d7d9b182ef3a390cb448732e9832bd6048ed1b692e1fbaad
GET /d31eb7a33614c54bc564e6fd60428233_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3392
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="d31eb7a33614c54bc564e6fd60428233.webp"
expires: Fri, 22 Mar 2024 13:20:10 GMT
request-id: 1e31eb3f-bdd5-4ec0-a3cc-aa75dd7ca298
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 1e31eb3f-bdd5-4ec0-a3cc-aa75dd7ca298
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 12:20:10 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j2Xyo0HVYiezYPRw4syftjjcCp83%2BCEZQLD86DIfXLAGvCDFjvveAC7n700otmjIoEMX3kgd1SfR0Iy7wvZ0UQ%2F9TYgcpZZdfkjj1XCAEktrQGrwkLomh0lfObg2Sq1dSSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.000189
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b68e39b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/d4c160624c8818a0376061feb47462ac_100x.jpeg | 104.19.235.103 | 200 OK | 5.7 kB |
URL GET HTTP/3 img.staticdj.com/d4c160624c8818a0376061feb47462ac_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash a563f0adf30eba05a3ed6048fe85411a 936e77c87224f2a0ea9c1b547f2feba39ec00143 95486c5aecb81d6bf32bc7b71900a4949329a1aeb98e40985a52d41030f63617
GET /d4c160624c8818a0376061feb47462ac_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5672
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="d4c160624c8818a0376061feb47462ac.webp"
expires: Thu, 21 Mar 2024 10:36:40 GMT
request-id: 378762c7-f82b-41f8-a808-70b3e4f19049
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 378762c7-f82b-41f8-a808-70b3e4f19049
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 09:36:40 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=raFPsrHCLDL2sKD522hCZLYCX5N4xZKhD8SWSmUE19dvryC6Dr6loyFHOBCHjFqnZgnTyrTNNNtEXQ%2BR0xFFC%2FKcQSo9U7ty8vorpG3qW9qNUl8S65FRYmdITUTw8MYi3z4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.000011
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be6fb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/2aa3496fd6f3aa7cf73f523f4eeac087_100x.jpeg | 104.19.235.103 | 200 OK | 3.8 kB |
URL GET HTTP/3 img.staticdj.com/2aa3496fd6f3aa7cf73f523f4eeac087_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 4238b0b941b556b27d945b8f137fa635 f7df95772c3c8807f8476058e764de4c9d8d5c2e f7d77298c937ae5c90b3d970f8f2c5e7b723e40bf79de6269bd9229b54918884
GET /2aa3496fd6f3aa7cf73f523f4eeac087_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3788
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="2aa3496fd6f3aa7cf73f523f4eeac087.webp"
expires: Fri, 22 Mar 2024 09:22:58 GMT
request-id: 5859122e-b02d-47b9-9fab-cb93dcc0f697
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5859122e-b02d-47b9-9fab-cb93dcc0f697
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 08:22:58 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NSb3aObCJ8n9wovwe%2BkZh9%2BaZa7zRxOfI56L8NVzhufnI8ma9urFOC%2B0Py2BimgrnC3BBeDk9uquhe2K0k62uja6sc5nWWrBrLTRs2EWIxY40CjYorvBu523kGqml2g5ECI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.000105
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be6bb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/dab6e69237c3b8b86ad69740387af70a_100x.jpeg | 104.19.235.103 | 200 OK | 3.5 kB |
URL GET HTTP/3 img.staticdj.com/dab6e69237c3b8b86ad69740387af70a_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash af0fa7b3c972b176b247e43da921cdf9 d6625b8fa81f90dc54770cb644e78dc5706ec582 53198496bd049832588634b7b28494d029a6e95d2f95cc63a3a315cce1af7cac
GET /dab6e69237c3b8b86ad69740387af70a_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3504
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="dab6e69237c3b8b86ad69740387af70a.webp"
expires: Wed, 06 Mar 2024 22:17:41 GMT
request-id: 4509fb2d-c2be-4abc-bd5a-f88a629cbc33
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4509fb2d-c2be-4abc-bd5a-f88a629cbc33
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 21:17:41 GMT
cf-cache-status: HIT
age: 2434185
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5Xh%2FuXdgHlVhtdjV7becjdlc7xkML3Qa4Vnv9GVZDU%2B6e%2FcHYhvSP74QINFrPTGxFwzXYgvDsJYESEa0A6S9Jv9E70XqVRBq7UinV8u68C1%2Fay4yFyo0oWWXH0VMDBGOWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.000105
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be6db4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/Ajax/GetMinCart.aspx?type=&r=0.9360356141702216 | 188.114.97.1 | 200 OK | 7.1 kB |
URL POST HTTP/3 www.rosequake.com/Ajax/GetMinCart.aspx?type=&r=0.9360356141702216 IP 188.114.97.1:443
Requested by https://www.rosequake.com/ Certificate Issuer Google Trust Services LLC Subject rosequake.com Fingerprint 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash 52733d7065168773501175b02368ce4f 9fa99e4ae056bba023987252dc227e57980a375a 82e5034b8a158462ac520bc23d5c81b8a93d839c742de19d4059c37df70e390c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /Ajax/GetMinCart.aspx?type=&r=0.9360356141702216 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: application/json; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtEm1w8shzO%2BwYbJaTrXeRES0KSAljO%2BsGEmTYLUnmnN01qoKN%2F2l99AAVMrMzmLGNGe9itKMapKhg8oFy1kH0Z6t%2B1YKz6Apxz0yCyK5j6kA7ywSgEn0QgVXQuFrzZGTPOoGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b34e3f56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/2f931445ef6ce220d149806eec5bfef9_100x.jpeg | 104.19.235.103 | 200 OK | 7.9 kB |
URL GET HTTP/3 img.staticdj.com/2f931445ef6ce220d149806eec5bfef9_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 57707a103590555bf483df57b1f76bd5 22270f1fbbe3d8ffd8283813126debd748667d7f 2a29004e5c4c66eb954004a01d14307ebaece558236fa7ae06b361a7456b7cc4
GET /2f931445ef6ce220d149806eec5bfef9_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 7854
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="2f931445ef6ce220d149806eec5bfef9.webp"
expires: Wed, 06 Mar 2024 20:02:08 GMT
request-id: cd7a1d3b-56f1-4c49-9ef7-d67cc2934875
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: cd7a1d3b-56f1-4c49-9ef7-d67cc2934875
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:08 GMT
cf-cache-status: HIT
age: 1328496
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2BosoKhJnRT7dUF0taqVr3ICCFYv4PGyiOqGEXQ7K4JO9YvJO96IcXSFDfCSB5gTdU0dIFudZvGD29idkXZj0VuXfLa1Zfu4KNc0jb0cNTEP%2FFJyk0hv6Z19XrQne4uK8hs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.000095
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be71b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/ee9abcbc18be04ca41d287a786c6eb40_100x.jpeg | 104.19.235.103 | 200 OK | 5.8 kB |
URL GET HTTP/3 img.staticdj.com/ee9abcbc18be04ca41d287a786c6eb40_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 1b587e71059ad839e608324aca95ccfb 7ff274bd3c3dfb32eee6ec395602642580adb490 49ed4dce56ab4ee84d1e56a3f916c9130a105f3de70738c3df06c8573e25b382
GET /ee9abcbc18be04ca41d287a786c6eb40_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5776
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ee9abcbc18be04ca41d287a786c6eb40.webp"
expires: Thu, 21 Mar 2024 10:36:40 GMT
request-id: 5602b8ba-2854-4a43-9169-f127ecb861b4
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5602b8ba-2854-4a43-9169-f127ecb861b4
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 09:36:40 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VzCAetfDvx6A1fm%2FiW8NHbQ1jGdJ2%2FJTeYdtITNEiaeSAfbu9ve5lMKOcPf9ZyM72YVlEnb6pfNINjHNfOAZEeMcDsjmA2yBe4c2%2Fh4MnMsbVulP%2BN8SSCXZEn5q8f7P2lg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=22.000074
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be72b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/0d9b5d0e5320655d89515246767e012c_100x.jpeg | 104.19.235.103 | 200 OK | 4.6 kB |
URL GET HTTP/3 img.staticdj.com/0d9b5d0e5320655d89515246767e012c_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash f5ce53c174243ecfea2bb0f9cc50df71 5d76d76dec34219cc2a10892463e4c68a1a1e109 06bc2fe9ffb45512dfa6700b6d67a69088ca46df624912415e894fdbafec925d
GET /0d9b5d0e5320655d89515246767e012c_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 4580
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="0d9b5d0e5320655d89515246767e012c.webp"
expires: Wed, 06 Mar 2024 20:02:08 GMT
request-id: 89d28de3-8ef6-40c3-a2ab-ae320afe6cc5
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 89d28de3-8ef6-40c3-a2ab-ae320afe6cc5
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:08 GMT
cf-cache-status: HIT
age: 1982998
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L4reKbcIbL1cYUO0OadYWsvfOG%2FDAWb6IkMaFanenlkAtdblEld5krDdP27Er45QvlxNRc9hVjXX3X03Rp1uxhU9%2B12r%2F%2FPGBloMQk8EsbKdQt1sLXSktgYtCrwVMI15O2E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.000011
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be73b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/a8ef1b6b0b5bb394bf747c2d7581916e_100x.gif | 104.19.235.103 | 200 OK | 9.3 kB |
URL GET HTTP/3 img.staticdj.com/a8ef1b6b0b5bb394bf747c2d7581916e_100x.gif IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash a833a97ba6f247894e9921bac9c2efb9 17e01c550fb24bc7cdba378e9e6e4e247a3bcf5a db278bfed75528096b3e6e5b4601bf69b6dfed032059472b104e91b0cb274a90
GET /a8ef1b6b0b5bb394bf747c2d7581916e_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 9286
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=21271
content-disposition: inline; filename="a8ef1b6b0b5bb394bf747c2d7581916e_100x.webp"
request-id: 93ab2e69-4bff-437c-b58a-c9863c0a0d4a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 00:11:04 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oc%2Fo7Nnibg2p3LWXdUc2zyJrmh6xAlsoaFupA%2FenmwTxqq1n05je5FFrj0EGCFYnFsbrBzeE62TyKO73f9UV2i8fIDk5CRg64ynMd3RA1ZsP5WPvSuvcYyPOMFBHXJoTiO4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be74b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/starIcon.png | 188.114.97.1 | 200 OK | 2.8 kB |
URL GET HTTP/3 www.rosequake.com/images/starIcon.png IP 188.114.97.1:443
Requested by https://www.rosequake.com/ Certificate Issuer Google Trust Services LLC Subject rosequake.com Fingerprint 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type PNG image data, 80 x 96, 8-bit/color RGBA, non-interlaced Hash 80b32f34f8b4a9310abfc8d91ca5a6f8 29b5f72686bfe80f4f1ed1ad4765645285cc13c2 74c692972ae3c1c83ac74969fc5c7891d5de6abdfb69625a21a2e777739bb16a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/starIcon.png HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/png
content-length: 2824
last-modified: Thu, 17 Aug 2023 21:46:57 GMT
etag: "8f436e5854d1d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUAc%2FnMrZzrgLGtq76ztY5CQoGdHyYhXIt9hZq6YKxWixWHu%2Bt6soOtWTmvUmT4ZnGEWsKne0eBk6V3PgXv57LXLlXqyJ8Bvn2aZLJGvpj7FMsiwXPPuz27v%2FJEbne7ZOPS3gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b7baf056c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/js/layer.mobile/layer.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 37 MB |
URL GET HTTP/3 www.rosequake.com/js/layer.mobile/layer.js?v=cac22025232-20240427 IP 188.114.97.1:443
Requested by https://www.rosequake.com/ Certificate Issuer Google Trust Services LLC Subject rosequake.com Fingerprint 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (3204) Size 37 MB (37330158 bytes) Hash dd2d9abc4f31f7e0b5eadde59641632e 98b28a118b5211190bf368bd437d8a26e752fa63 772e7cd4bcdb897178cadf50cd8a97f99fcfc39027c02fb4ff20b7fe053d2af3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/layer.mobile/layer.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Fri, 19 Mar 2021 17:46:56 GMT
etag: W/"0a886dae71cd71:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IkudUOnuYjmaqC1YoBxwMpBzwgnS%2BlRmEa33Klv2qVcNmaNoVdbGSUjrI02O%2BO0i%2FSghlAwuTTmwYnSkGgwB578CDKs%2BrGYn1E4OB2ouuNCPAe5yyYmh%2BDYjDDfpZiikAhDHoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a21c1356c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/images/e7324f65a97f479eae35dea57525995b.jpg | 104.21.11.35 | 200 OK | 166 kB |
URL: GET HTTP/3 global.akating.com/images/e7324f65a97f479eae35dea57525995b.jpg | IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: akating.com | Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62 | Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.7 (Windows), datetime=2023:10:29 15:20:47], baseline, precision 8, 1900x600, components 3 | Size: 166 kB (165578 bytes) | Hash: 93ed4410afe4d281d98ed1fe5f887098 12bee450a2725f1a0441fc8b4c4b80c4d34f7140 736a26f8c9508e3d094d96999cab2845e0389abd9bce3cfd194cfa50dad3727e
GET /images/e7324f65a97f479eae35dea57525995b.jpg HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:25 GMT
content-type: image/jpeg
content-length: 165578
last-modified: Tue, 28 Nov 2023 21:41:01 GMT
etag: "46d99f944322da1:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5625
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ri%2BIt3OEL61U0Gb9JFRhzfwheUqQWS3j3O6jVz%2B%2FGTJEX8HmKAnnYstZ%2B64yYz4NBEgOyhScftE2rpKjeKv5AgbWLG%2FoHvWJ7Ka5HjwRTXbY%2B4Ua7OFd48oP%2F2vhlEwmRNwgYjI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977c6ecea5694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/rose/07b6e3s5debve63c9e9.jpg | 188.114.97.1 | 200 OK | 728 kB |
URL: GET HTTP/3 www.rosequake.com/images/rose/07b6e3s5debve63c9e9.jpg | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x600, components 3 | Size: 728 kB (728405 bytes) | Hash: 07b6e375a5deb69b6d1aa3be7e63c9e9 4c7993ef917884ffb1f9ecc77b29f12501e6fdcf bf5f7ca6102bc3c0668bc498a3854136a36d9301bc8a1b7162c386ec04c7f09f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/rose/07b6e3s5debve63c9e9.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: image/jpeg
content-length: 728405
last-modified: Tue, 10 Oct 2023 19:39:16 GMT
etag: "537b5874b1fbd91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5627
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0sExSOtL13D6R%2FYUQi2xErX36QBcY28tmLqazF5X2yPvcLLH9sZbatUdVyVgV5qcdWQmwpkBPV2iBtcjgjZ5I8xE%2Bi9y7a4it3yfT1kivYFjwSvLCa8BefQbv0tqG7jJINiFww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977e85d2956c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| we.chatsoftly.com/agents/images/cbdshop/agent_offline.png | 172.67.194.34 | 200 OK | 4.5 kB |
URL: GET HTTP/3 we.chatsoftly.com/agents/images/cbdshop/agent_offline.png | IP: 172.67.194.34:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Let's Encrypt | Subject: chatsoftly.com | Fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5 | Validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced | Hash: f31b27f2dd78d85a52e0588a7e7698ec a601d2b2098b159d3ebe1508ff87b76131a691d6 585a9c155c15c0ba3be761b5ea54fa8fa897e888ad1d415edacf1792d7ee2c54
GET /agents/images/cbdshop/agent_offline.png HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: image/png
content-length: 4458
last-modified: Wed, 14 Apr 2021 15:07:35 GMT
etag: "54f5cbe63f31d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5630
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0Mt1PzV8EZw4MN1SkTGxtJ4K5OSA1WZlWm6q8gOkLu%2FVqIfAajZIhEXpEN8LHWNeA35aqLOf5cZHYLdNlBDSvROi5ULMx94A5Q9bPnFt5psyI%2FXSduRYlcARbOUEJqyLwlZXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977ea9edfb523-OSL
alt-svc: h3=":443"; ma=86400
|
|
| we.chatsoftly.com/spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0 | 172.67.194.34 | 200 OK | 6.0 kB |
URL: GET HTTP/3 we.chatsoftly.com/spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0 | IP: 172.67.194.34:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Let's Encrypt | Subject: chatsoftly.com | Fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5 | Validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
File type: Unicode text, UTF-8 text, with very long lines (2820), with no line terminators | Hash: 6c3948ad373d8ae7a243a0e281a54ba4 5dbac628298993c2842f8cbe0af10dabd9eae976 47f52bbc5d89e0fd25786a55e8bfb2907e72afaa00a0ae8f69dc8da30ff324b9
GET /spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0 HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: text/javascript; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=01qtkumfm55vfepnykbebpgj; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hypFUHblujVM1MvOD5xbo14kvN4wL%2FfXg1tnPqAEgksBMGmuwTxN0tg9WXQAqk81%2FsviO86%2BcX%2FupnU7jsGf6F9jkhb4lZTvDA6RGO4nX9vI4anuK90L2jctYNNTTUliPrQTkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977e8ec94b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/rose/07b6e3s5debve63c0.jpg | 188.114.97.1 | 200 OK | 222 kB |
URL: GET HTTP/3 www.rosequake.com/images/rose/07b6e3s5debve63c0.jpg | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2023:10:11 03:50:16], progressive, precision 8, 1900x600, components 3 | Size: 222 kB (222417 bytes) | Hash: fdc2b3b7d952a2bc8e01d3986045ca81 36836d21cf2e5a58df6a99cbc48e2d076914a47c 2a921ee0e9fb9e05f8d29612835cfc1aa4f28dc7f96c15ce9799d4ac84fff7b8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/rose/07b6e3s5debve63c0.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:31 GMT
content-type: image/jpeg
content-length: 222417
last-modified: Tue, 10 Oct 2023 19:50:17 GMT
etag: "27495bfeb2fbd91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2Fz05zKKqT7lZeCmHPxq5EDHWOeJD%2F4ZJf4s14Rmxwq1KJ%2FN4dfJgObpEUzcvUIavlUtOmVqQUgJb4D08m6Ot5rCY0j8RH2dWyJ0qf3PlODsJTGKmMkwADpDKHKQo72YlHL1zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977f04d5356c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/Images/blank.gif | 188.114.97.1 | 200 OK | 123 B |
URL: GET HTTP/3 www.rosequake.com/Images/blank.gif | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: GIF image data, version 89a, 75 x 75 | Hash: aeaad81449b30b1cfa2844c54ef496ee 2d735dd13b9faa084b4ac2778e7f0959e664dca3 52d0dbe6ba1d11ebc403a5ee2d98b707b61f48516ee2c2cf6187ace9191ae1a8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Images/blank.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/gif
content-length: 123
last-modified: Wed, 13 May 2015 02:06:04 GMT
etag: "d162215e218dd01:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5622
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOCAyPLv8e2%2BThI7kV30bP2Bzd%2BVsg6cQ%2F4AC7g4T8FvDqAjk0ETzutInG6%2FOFHGXRYs%2FQxYKvsCUgTUUNzI7LEdIXtj%2BZrY24TD%2Bpdka5YOWVcR6thAJTHGR1TzRY74jvf%2BYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a31d5b56c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/assets/sass/style.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 91 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/style.css?v=cac22025232-20240427 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with CRLF line terminators | Hash: 9ecdc5fe4c25c939533d5613a560b7b3 c432fd1eff96051da782463f392531d7e25f8f80 1c84f82609078a0639992c996a8b7c55f2d5b75508494cfa58deee2dbef06a21
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/assets/sass/style.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Wed, 27 Dec 2023 10:52:08 GMT
etag: W/"0fc93bcb238da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49nFCAo4OHgaJqEZv%2BhPQyicE4aR6Rat3H1UVka%2BVKNw5UzSESAZGCb%2BfD0kMjgiCgYCNyeqTglJGH%2Fu3%2BER8t5fGqKf2cIr7eKlTsbcvxwMIb%2BszE7k83QtgQEvch8gsgN0VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a16b1156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/css/shop-section.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 20 kB |
URL: GET HTTP/3 www.rosequake.com/css/shop-section.css?v=cac22025232-20240427 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/shop-section.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Thu, 28 Dec 2023 19:18:46 GMT
etag: W/"06f9cadc239da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUUDFW3gViWYP1CSIUDJD4PST9AbIbQtx%2FgT1ils7RoDVo6Ay0P%2Fatnvxo2Nd2R%2FD021V%2BWabS5XWphAKoJ6GpQEo5mykmXFscEV70KFjDsn6OjuF4yNlhLrIXfSMah3lSfxcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a22c2456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/e7a0a7e798092ef2c5aa9d37afa9af98_100x.jpeg | 104.19.235.103 | 200 OK | 5.2 kB |
URL: GET HTTP/3 img.staticdj.com/e7a0a7e798092ef2c5aa9d37afa9af98_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: e5ac08d5ca7814fda72e410b69e84e1a c30663198c84e979d505aa405c42492cf58c8c5e 99d82ef5165f59fb83a8fe8fcd6e1bf6b36ecf8d3f372b7e491d81dc01f6d901
GET /e7a0a7e798092ef2c5aa9d37afa9af98_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5150
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="e7a0a7e798092ef2c5aa9d37afa9af98.webp"
expires: Fri, 08 Mar 2024 06:35:35 GMT
request-id: 7c026fce-d467-4649-81f5-2803c1b12ad3
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 7c026fce-d467-4649-81f5-2803c1b12ad3
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:35:35 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ffOyB6DIwFwhekN4oRXREcLT1wYjBXyvjC6n2eR8yGOQtVx4NDRTJx6TJLBx4xvbsP7I%2BebVILeqLYrcy1kH1%2F%2Bwu4itVfTFiPMKHkHoAjA4fiS3v04Nbnj%2FUr2f2bG5w8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=21.000147
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e06b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac22025232-20240427 | 104.21.11.35 | 200 OK | 48 kB |
URL: GET HTTP/2 global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac22025232-20240427 | IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: akating.com | Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62 | Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: JavaScript source, ASCII text, with very long lines (326), with CRLF, LF line terminators | Hash: 89081048f3bf7c9d5985d79e4976f359 50bb8dde91c4f95c98716d7d702617dbea18bbc7 811ec63ebf47f8ccdafdc6c39280dff6c51b980b2a94547a8b78a3e6cc0b853f
GET /files/js/chosen_v1.8.7/chosen.jquery.js?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Sat, 20 Jul 2019 16:38:39 GMT
etag: W/"80115e95193fd51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p7aL2X0vbMOAFWp8c8HdBxXGoyWDz6jkHkmotWskRHgmq%2BCbg1XevDPubxGDC7xDhUBzL6SQvp1d21%2FbtKAgrwIEGiTnN3k4v2QM1iQrjnu1rFecFxxRAUSiilvbnoPsOqzSkP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f13b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/da09e529a78d22acbc8323c13c5cc630_600x.png | 104.19.235.103 | 200 OK | 257 kB |
URL: GET HTTP/2 img.staticdj.com/da09e529a78d22acbc8323c13c5cc630_600x.png | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Size: 257 kB (256606 bytes) | Hash: b7ad50615326bfbf25dc7aaacafb5490 87e0a38db1ce414fcd2136f765b8da96afe5d949 9fd89cd7a5812ee7dac86896bd9884be484c037cb1197fcdaf7bc164ce6fd07a
GET /da09e529a78d22acbc8323c13c5cc630_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 256606
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=459851
content-disposition: inline; filename="da09e529a78d22acbc8323c13c5cc630_600x.webp"
expires: Thu, 11 Apr 2024 23:12:43 GMT
request-id: f77d0d2d-e7d4-4c11-a66e-ceae06526476
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: f77d0d2d-e7d4-4c11-a66e-ceae06526476
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 22:12:43 GMT
cf-cache-status: HIT
age: 1072531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISoKqhSL1m27RWOOdQxNBw5ZBQ7aVt6TD4FL3lOJ17cVo3CSyqqE1Mc8j696orAw%2FH0aKGe%2B3jgt0XPrR0LuE4RZxbgXfvoy%2FSF7dvus%2BU7qOnxO%2BEcc1JsFGgei9ixUJWA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.999878
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44867b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/7dc7294d364026f639068e11fa703b18_600x.gif | 104.19.235.103 | 200 OK | 165 kB |
URL: GET HTTP/2 img.staticdj.com/7dc7294d364026f639068e11fa703b18_600x.gif | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Size: 165 kB (165198 bytes) | Hash: 7dc7294d364026f639068e11fa703b18 5f594b9ed1b55a61858fc96fbc224614fed0b42d e2a7445b15a99a9ae4e87686a9f247a04d2e78da38f849fa9cec2646187549b0
GET /7dc7294d364026f639068e11fa703b18_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/gif
content-length: 165198
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: status=format_not_supported
request-id: a6c499b0-00d7-4780-b2b8-1598397d51cb
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Jan 2024 14:39:00 GMT
cf-cache-status: HIT
age: 4958775
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MhFPkxiL0nqsLYufYbctvVfDXLbzU9X7q7EPrcHuBie4GL7TRP61chkQ6kiCVw%2BfdXSxEmfGwD3uIrs5Qb2askexNd9g0xf%2FC2Lauq0NRXVo%2FWl99UJCYQ%2B81qwMklm3Gbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.999784
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44868b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/c0e7c8a730a4dd28ef807f72cb292f64_100x.jpeg | 104.19.235.103 | 200 OK | 4.9 kB |
URL: GET HTTP/3 img.staticdj.com/c0e7c8a730a4dd28ef807f72cb292f64_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: a24b8f7ca9b2b2aa64f93a540efe9367 30e1c9048df38990b9d0dd4e63388d82d5a237ac 6cc5bcbbbda841e4d9d4aaa923c8f32bf7eb70d4a92a19238ea4be7c34f23e67
GET /c0e7c8a730a4dd28ef807f72cb292f64_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 4856
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="c0e7c8a730a4dd28ef807f72cb292f64.webp"
expires: Wed, 17 Apr 2024 19:50:42 GMT
request-id: c05305e7-01fa-49a4-80b1-a9b91b313251
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c05305e7-01fa-49a4-80b1-a9b91b313251
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 18:50:42 GMT
cf-cache-status: HIT
age: 142981
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GkdBAlC5x8g1VbDoIWj2rKbICBgiRzpx7IGnf%2BB%2F7pCu0kOxUqBKDRQkBe8v9t71C%2FLYSXWmACCy0HjQihDf2%2FeRsWTYLR4xAXmyJzfPYAm1d5Dnksg4Z4hrZ2X9cGH%2Be34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=22.000074
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b63dddb4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/static/js/pixel2023.js?v=cac22025232-20240427 | 104.21.11.35 | 200 OK | 15 kB |
URL: GET HTTP/2 global.akating.com/static/js/pixel2023.js?v=cac22025232-20240427 | IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: akating.com | Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62 | Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/js/pixel2023.js?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Sat, 10 Feb 2024 17:00:24 GMT
etag: W/"495bf2a3425cda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2BOOGdtuDStBK%2BYqIQmClcEAKXxfL2iXRMktlG9pTI5iDgiMb8DoV%2BI8C6mGGeEF8nCJs8VLBvwbnTu%2B38xxB0ylfhyTxCAWZelWPV96cYToRoQl8N6%2FLmZh7ie61NFMLPanFzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f1fb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/632746d706da83e4fdc5052971513462_600x.jpg | 104.19.235.103 | 200 OK | 58 kB |
URL: GET HTTP/2 img.staticdj.com/632746d706da83e4fdc5052971513462_600x.jpg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: c90e5d16403043deb84d1b8b24689b4c 76d24ed464c7437b70cb4aa415ea5a3e0024273b 3f1cf1e27f4478a0f2af432d725f4a6413d17fff2dce1a12e6a11010c91a914f
GET /632746d706da83e4fdc5052971513462_600x.jpg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 58254
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="632746d706da83e4fdc5052971513462.webp"
expires: Wed, 06 Mar 2024 23:44:02 GMT
request-id: ba400a9e-cdfb-4468-a707-8b6a473cfab2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: ba400a9e-cdfb-4468-a707-8b6a473cfab2
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:44:02 GMT
cf-cache-status: HIT
age: 142981
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PBMBZUBl6J36JOY4Xp5Ev8lCmyZjm4k%2Bk%2FvjCs5X%2FGl2TBnjTbEBty5OOce6NxJLm3JH68GI5WcfeNaxvkHRkCRVH%2B9lhHlkb%2FejemusyrObLvBwn5LKADNlFu4ulr5x%2Fcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.000044
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4385cb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_600x.gif | 104.19.235.103 | 200 OK | 152 kB |
URL: GET HTTP/2 img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_600x.gif IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Size: 152 kB (151866 bytes); Hash: 2777d2f066ac9a81e5ab09d9b2be6561 0c19384068669134195e35dd8858e2a13e28a0ca f21bc908138664cd6014fc302599665a19309c92f3dd85c43be7889a078e9a92
GET /de4fef1b05b5f0293d6da27bf9e0b08d_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 151866
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=443294
content-disposition: inline; filename="de4fef1b05b5f0293d6da27bf9e0b08d_600x.webp"
request-id: 6d404eb4-a304-40c2-9415-feeb99bc8540
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 19:32:12 GMT
cf-cache-status: HIT
age: 2463344
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LcjXBmB1Lo64uemuQiYXSoSQqp44kAs57OPgkxn7zBMqvOx0lgq79bePNdEMKXfkgx5nNVtCsJv2%2BtZF08m89H21mERCXT5TgNrC9sFA5lM2EHKcHjLjx0%2BvAAyhOsVLvbM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.999878
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a458a0b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/js/layer.mobile/need/layer.css?2.0 | 188.114.97.1 | 200 OK | 5.3 kB |
URL: GET HTTP/3 www.rosequake.com/js/layer.mobile/need/layer.css?2.0 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (5260), with no line terminators; Hash: 633915e62d14a714594b95b974ee0836 e11ebb64a70272c4f35b92fea064f27c4b87efad eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/layer.mobile/need/layer.css?2.0 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: text/css
last-modified: Fri, 26 Aug 2016 09:35:36 GMT
etag: W/"cffb58337dffd11:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2eKQhIgmgWKle3%2Fg%2BOH0S3J5GdcR8SRp%2FH29EPlGoeUijuER5LC97Mwet8YJSBKdEFI7QwCMi4qJkqkWxRS%2B8t07gVrW9QE4Op8ehdsqx355pj6Vsq2Y8SOHtTkZhRNCRDmsJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977abbe6156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/files/ExchangeRate.js?v=cac22025232-20240427 | 104.21.11.35 | 200 OK | 11 kB |
URL: GET HTTP/2 global.akating.com/files/ExchangeRate.js?v=cac22025232-20240427 IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC; Subject: akating.com; Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62; Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: ASCII text, with very long lines (10593), with no line terminators; Hash: fc715516fb030cd6858f16981ad2650c 9dc67c87ac8e4933d978c9b11a57b61d0755c6a2 c17ded04681c173e9e34c83d8666542405c276bf078da5ec06adf12ac815bbe7
GET /files/ExchangeRate.js?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 20:40:27 GMT
etag: W/"f460c31e3b22da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FXlNeWBZ6IRD42Sk1TLPPyQRw02MnSKDL8ymdjm30zXLqZoksfjZ3MZqrqAeQfSHYwjKJDnc64e2Pk1AgMd0duiGR2fZnw8Hy65dAeeJEydZdzW81W6rqz7bz3p4Kchvk1GQ7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f1bb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 17 kB |
URL: GET HTTP/3 www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (15422); Hash: b82ec717898908396b42e0c1a61913aa fc446948bfed0cb2907aed714f9a4babf4a246aa f6414e82ba7213ea861cdc0c5bff7b72a82a5e1fd484ee456dc6d4f8e4e0d795
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: text/css
last-modified: Tue, 05 Apr 2022 13:25:12 GMT
etag: W/"0ec294f048d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2RmXjV5tSgNkzeqQYKy9k1PrEC3bIl17X7etpjq8XlTfkds3peFMl1L%2FA8ZfpPw0Xa5RenteQqpcZf%2F4c95oJOTe6MQckCU%2BYoL7vmF29A5D%2Bjyp8evEX3QO%2F8mOGt9TK9z1bA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a9fcb156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2 | 216.58.207.227 | 200 OK | 8.5 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2 IP: 216.58.207.227:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8504, version 1.0; Hash: 88042d51a299f20ab0ddf917838fe403 a99a6d584385f86f84e893330f6ae158372b5d63 1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b
GET /s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 07:15:31 GMT
expires: Wed, 23 Apr 2025 07:15:31 GMT
cache-control: public, max-age=31536000
age: 308330
last-modified: Fri, 22 Mar 2024 00:00:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/8a173242d6b06f7e37d207e9a52fabfe_100x.jpeg | 104.19.235.103 | 200 OK | 7.1 kB |
URL: GET HTTP/3 img.staticdj.com/8a173242d6b06f7e37d207e9a52fabfe_100x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 843d4c52ee68e2a33c80d1f765aa9f8f 9dbdcdc3241892b89f0d2c9d15a3af3cd2cb818a 3aa500027d61aebc2c869077a3557c875fa2ce2d8b6e68d06bcfb40053fff457
GET /8a173242d6b06f7e37d207e9a52fabfe_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 7070
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="8a173242d6b06f7e37d207e9a52fabfe.webp"
expires: Wed, 06 Mar 2024 22:17:41 GMT
request-id: 5771b02e-9e4b-4d38-b5db-a5fa40cbd19b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5771b02e-9e4b-4d38-b5db-a5fa40cbd19b
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 21:17:41 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y25dOqOc%2B9wBUkilbcQnQCmROxQaezK3F6CoeyayRAD0KhjhTuUzPI2a0ZsujK5WsZ2siKL%2FhjvBHGCzFXrEUq5j3Hyk65ZB9riTOVZ6QxfG0P9DBzozT85SZvRYcjAocR4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.000189
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be70b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/91d1821d40edccaf51b4152aaa2f9700_600x.jpeg | 104.19.235.103 | 200 OK | 26 kB |
URL: GET HTTP/2 img.staticdj.com/91d1821d40edccaf51b4152aaa2f9700_600x.jpeg IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 5464987d601b9a7d98debf39e0541816 808c496a338e30f1511ab043c57242314f4d1c1c 9666dbf0e6e11fa8dca6eae8a3af9d0340328fdcd6d557332e03c2b0220ef62a
GET /91d1821d40edccaf51b4152aaa2f9700_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 25536
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="91d1821d40edccaf51b4152aaa2f9700.webp"
expires: Wed, 06 Mar 2024 20:01:53 GMT
request-id: 63a8eb1d-fcd0-4526-99ce-6b2ff54f5cad
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 63a8eb1d-fcd0-4526-99ce-6b2ff54f5cad
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:01:53 GMT
cf-cache-status: HIT
age: 1072531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0E8LJW%2BTYWKuBb1hfT775%2Fb%2FYLPUsTpEAa9%2FfuE7uVHMoC5IBuohXXx11nv9PaEIgVTiWbD5orTb8OSTAaiMkTGzRgbA1wyO6XUpDwwlbly%2Fnfj0Py6DRYBljLw9mV1c2Ic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=33.999920
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a43860b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| we.chatsoftly.com/im_client/js/udeskApi.js | 172.67.194.34 | 200 OK | 122 kB |
URL: GET HTTP/3 we.chatsoftly.com/im_client/js/udeskApi.js IP: 172.67.194.34:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Let's Encrypt; Subject: chatsoftly.com; Fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5; Validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
Size: 122 kB (122466 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /im_client/js/udeskApi.js HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: application/javascript
last-modified: Fri, 13 May 2022 16:02:26 GMT
etag: W/"095cfd6e266d81:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5631
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D5cWKqEErHcGvgrJlP4NhA0MfwXZ1GZPHmQl6xNF2rJCwr%2F0n4oMjsyS5S2WBEkDbBC6AS7L0fk7TlV2V3lfQ96pQZRjjscpRjq%2Fj1zV%2B%2Frns%2FgdFcDqFfYLLOmarZxt46gNuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977e87be2b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/files/css/countryFlag_s.css?v=cac22025232-20240427 | 104.21.11.35 | 200 OK | 25 kB |
URL: GET HTTP/2 global.akating.com/files/css/countryFlag_s.css?v=cac22025232-20240427 IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC; Subject: akating.com; Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62; Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/css/countryFlag_s.css?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sun, 03 Jul 2022 14:40:24 GMT
etag: W/"03c23d4ea8ed81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZDsv69GoQL2Uea8Rgr3Oue2ADlksaYCZfKYDcnmHFuEB79Zi0T5MtJc8EgGZYZceCc16vYyt5kAKQoU7zu62KcCNW2ywLkYbiJD3UJUe3TagSjm%2Bu0wzr7U7GGCH44bYl5M7Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f1eb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| global.akating.com/files/js/CBDCurrency.js?v=cac22025232-20240427 | 104.21.11.35 | 200 OK | 44 kB |
URL: GET HTTP/2 global.akating.com/files/js/CBDCurrency.js?v=cac22025232-20240427 IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC; Subject: akating.com; Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62; Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/js/CBDCurrency.js?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Wed, 20 Dec 2023 13:12:33 GMT
etag: W/"4ecd3314633da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GN%2FyoQmU94Nyekfw5TPe7R30%2BBx%2BtSBraek5k01Q8iSIh0rPfdHBuvwP1O8I9cH9sDVEoY%2FYVnX3x5kIqGqiJEOoaYf4bj54BF7D8hBNxN%2B0JL0k3KKgpeM9s8DszoSXImTLq84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f18b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2 | 216.58.207.227 | 200 OK | 8.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2 IP: 216.58.207.227:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8596, version 1.0; Hash: 858549c2cb50c37c733cfa191fdb07ea 50900cbabf4ae9e1e174162f091404e343585c65 4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
GET /s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 20:43:57 GMT
expires: Tue, 22 Apr 2025 20:43:57 GMT
cache-control: public, max-age=31536000
age: 346224
last-modified: Fri, 22 Mar 2024 00:00:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg | 0.0.0.0 | | 0 B |
URL: GET nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg IP: 0.0.0.0:0
Requested by: https://www.rosequake.com/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg HTTP/1.1
Host: nicesis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| we.chatsoftly.com/im_client/css/ui/emotion.css | 172.67.194.34 | 200 OK | 8.1 kB |
URL: GET HTTP/3 we.chatsoftly.com/im_client/css/ui/emotion.css IP: 172.67.194.34:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Let's Encrypt; Subject: chatsoftly.com; Fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5; Validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
File type: ASCII text, with very long lines (8088), with no line terminators; Hash: 0601a7fa15320d262c32d050937ab498 3ae94833f07968a04db7bcd6cbc4b4ea337dbaac fb81e6ff71af364456416500277a0179fef4e3ca52d5d4aa0e3db0675ee61725
GET /im_client/css/ui/emotion.css HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: text/css
cf-bgj: minify
etag: W/"f655cfa28c5ed61:0"
last-modified: Mon, 20 Jul 2020 11:55:17 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5630
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bUSas5CghpHsa3qXSouPzsj0cMS253ZOSo3M95L9YeNWXJg7ketsI9JAsLY8pyv4I0q2xIxnQEB2v%2FtyuGR93fyp2HrUnoPb5G0te1HM4f3oBagfuYutglOWNrRqNX6QfxQURg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977ea8ed6b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.shopify.com/videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4 | 23.227.60.200 | 206 Partial Content | 37 MB |
URL: GET HTTP/2 cdn.shopify.com/videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4 IP: 23.227.60.200:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Let's Encrypt; Subject: cdn.shopify.com; Fingerprint: 34:CE:56:3A:83:8F:D8:06:E6:52:5C:6D:DE:D5:CD:92:EE:F0:79:DF; Validity: Tue, 05 Mar 2024 12:27:42 GMT - Mon, 03 Jun 2024 12:27:41 GMT
Size: 37 MB (37328679 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: video/mp4
content-length: 37328679
access-control-allow-origin: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 5a3f9918-08eb-4bc1-aa0c-fb9e2fa7337a-1709764376
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Wed, 06 Mar 2024 22:32:57 GMT
cf-cache-status: HIT
age: 710354
content-range: bytes 0-37328678/37328679
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8oKe%2F9eE%2F3aNV4A8SQpLsRJaLKQjZlbbSkIC5ar7bT21vq3GJKoj%2B9i8QDqA5E1gilKCiYcLCXlj1mbw%2FIhMhQD4C6ZMVEe5hQPnrM68O3yBOe38Wdh0Ag0N%2BPhHXylkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=469.952, imageryFetch;dur=436.675, cfRequestDuration;dur=21.999836
server: cloudflare
cf-ray: 87a977aeea5556bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/ajax/user_view_history.aspx?r=0.970198171219156 | 188.114.97.1 | 200 OK | 0 B |
URL: GET HTTP/3 www.rosequake.com/ajax/user_view_history.aspx?r=0.970198171219156 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/user_view_history.aspx?r=0.970198171219156 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: text/html
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVKuhhtsH8zQJ9gxdpxB2UvKX4STQP%2BqHSLqu6dGr2hRJKGS7NePnW0FPDPXxxn1AIq0PoFR49EvFXLvASeuBTb1E%2BOczQg19OlG62xXDjJNqiJtWRuIpnitSW0v%2BfH0%2FviKhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b39e7c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 5.5 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (5584), with no line terminators; Hash: fc637ca4d985f346ff994151a22fe36d 563c972a25d1b3333b8773356df193a70322ee3c f2609521a0ca9b5559d7574376bf1083e8259d20313b86f81548d888021fa382
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2023 22:52:02 GMT
etag: W/"095b4dfde2da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qrRSvSUdqhPmortYmmyHxdYzTZw0hAj%2BHqfgNI7RHzKfHa0OfPufpw60R7pc5I3TdlmH9HMXa%2FkaLAGc6KculL%2FH%2Frj6B0%2BraTiYcKGWxuataNM%2Fq9i5ldDKGUWHRVYfLL3hjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23c4c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/js/shop-section.js?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 6.2 kB |
URL: GET HTTP/3 www.rosequake.com/js/shop-section.js?v=cac22025232-20240427 IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (6664), with no line terminators; Hash: 30646f583611251216ba6744265c3b53 3ebf48e6c5d758c2848df18970f2a914cb01f624 7ed4c532b51119ff2c8dc8ffdd31036a1d300070bf16c9abca3816ba5a56157c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/shop-section.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Sun, 17 Dec 2023 19:47:57 GMT
etag: W/"8094beee2131da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=638V%2FyuZf35dJx87%2FCpVmnSsn67DjZkEhxogZHfIVetEPIPktx1YkHDkyjNpTo8be0NLy%2FDVQS12PFOTZJSxaDaoBMgQHs3sxgCRsaAZ7j06RKRSC4nIGzbi62CG7kGaqX9fUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a24c5a56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 188.114.97.1 | 200 OK | 7.9 kB |
URL: GET HTTP/3 www.rosequake.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (7897), with no line terminators
Hash: aa1e55b5d6a9c490a11a59e98ee31b21 430a6899278bd61fbc4130085f1015d5570f3325 ed4bd5e7c52e1753e9af40b9fa313cdac30ed6caf041c9f8c6c45a71b22d142b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ELqaWZxFC6SSiMJOR4C0%2FM3K%2Bqxo3rw4DOutMoLHNbT7j0JDO6%2FWEqx5JkSSe1%2Fg73VX9jdptT0Zw2v1JO28faMrseJBFLLfe2SuAzqPy1y8HBGVsMlPUDg8yThwNDHrVzVvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b09bd956c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/8307b2cbbae637fbb0ec9875f97cd77a_100x.jpeg | 104.19.235.103 | 200 OK | 4.6 kB |
URL: GET HTTP/3 img.staticdj.com/8307b2cbbae637fbb0ec9875f97cd77a_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: c1ad399fbe0d6deefaf527512761101d 17ef3e81913b00955285125c15703712a59f5f5f fce729ffd412787adabd423740ebeeb7ed97bcc5139a84b3c8c569e296bd8748
GET /8307b2cbbae637fbb0ec9875f97cd77a_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 4614
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="8307b2cbbae637fbb0ec9875f97cd77a.webp"
expires: Wed, 06 Mar 2024 23:34:20 GMT
request-id: 651c5c8f-fab6-4b6f-9af9-ca535576ed27
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 651c5c8f-fab6-4b6f-9af9-ca535576ed27
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:34:20 GMT
cf-cache-status: HIT
age: 1328496
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FKvoZq6fdj7dQPNbxKOmzrqp5UtT%2FIKxAFCpwe6b8r4RuXg2rRSYuNVsRw2CVVWomTS5tB%2FRgRbt4UWYEE3GrHlFBGw3BYGb6aM%2FZd5szaW32K55hpfV2uBvJlUFCE%2BRYw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=26.000023
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64de4b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| we.chatsoftly.com/agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1 | 172.67.194.34 | 200 OK | 36 B |
URL: GET HTTP/3 we.chatsoftly.com/agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1
IP: 172.67.194.34:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: chatsoftly.com
Certificate Fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5
Certificate Validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
File type: ASCII text, with no line terminators
Hash: d374e3ed72f03844f3959862df57f07b 12cc12837b6d4c3a79e2bc67bb2e4c3c658d8ee0 c4be6cfb6dd452476fbd6379d0dc0e413170c8307742142f76038077d705f6f2
GET /agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1 HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: text/javascript; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=opvieuxy3o00jp2ya3y10zm5; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yOC58Q0HF5wPLievh4vQy3ts32MkYIAS7Y0C0fis%2FlukBL%2FzOrs4nBoDK54Jq60adMOMz%2BF3WEH054Wi0peDvZ1qNfKU2NSwTNsmwo3qR08wn8jUaSC34%2FivhwXnIp22u0CRUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977eaaef5b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/banner/ForHer.jpg | 188.114.97.1 | 200 OK | 16 kB |
URL: GET HTTP/3 www.rosequake.com/images/banner/ForHer.jpg
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JPEG image data, progressive, precision 8, 250x370, components 3
Hash: 8781648f65a20f75389e7d4087a1f125 52fa3cd0a42e4817ca66784c6e221da3f812d862 fc7e4d8c9b6226b2c4036191a0e0b154903adfe269086ea2e958d303eb33768e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/banner/ForHer.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/jpeg
content-length: 15810
last-modified: Wed, 06 Dec 2023 18:14:06 GMT
etag: "8ce12807028da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDCSIRBVoeLcPR6xrwAgh1KtACg47%2FisYjzoEJiLZnFDxyqUjfzlUquVua06ziboRmiNPYuz4C4DmSJ9jgyvGGuX02ON13pUWAqnTpQuyX2OhJ2nuWoHizuPzMDVP5CByiESIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a31d5656c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/74fe3c239d3d8e2f1f3246717a5d9566_600x.gif | 104.19.235.103 | 200 OK | 40 kB |
URL: GET HTTP/2 img.staticdj.com/74fe3c239d3d8e2f1f3246717a5d9566_600x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: a0fad190b47649578af4a67c5bf9a810 f524c161fea8f5097cfb57795303a9c290e5de3c 798cbb05bb969909c65178eaed836dcaca0f8edb5a4d60643c0c42c985a93658
GET /74fe3c239d3d8e2f1f3246717a5d9566_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 39666
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=297688
content-disposition: inline; filename="74fe3c239d3d8e2f1f3246717a5d9566_600x.webp"
request-id: cd09b5bc-e973-4cfa-b9ab-ed1600dd3a1e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Mar 2024 16:31:02 GMT
cf-cache-status: HIT
age: 2724901
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z00o9yslBNc%2Fh9IrVZC6ozBSVZNvgDeKPBAdacpwCQoMSH1h6Y3mR0na2iW%2BB4VkWNkgxz2%2BMjrjkBNwOIqh4j4HVkpVIQBAVpC2AfMbcvXF2X1mpcxMa2V4d0xiesfNusc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4589db4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/e4a8e7b7a3e1b362faf130557c5868ae_600x.gif | 104.19.235.103 | 200 OK | 67 kB |
URL: GET HTTP/2 img.staticdj.com/e4a8e7b7a3e1b362faf130557c5868ae_600x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 822d70389c3ea912ba3af9d94bac9937 f4a52f67da2b210b2073b06617e230807180999f 62afefba3b77626681c2b25e87cd7411bb661fec04aa8a4d91e024954b278607
GET /e4a8e7b7a3e1b362faf130557c5868ae_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 66984
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=166102
content-disposition: inline; filename="e4a8e7b7a3e1b362faf130557c5868ae_600x.webp"
request-id: dbebcfda-d5f7-4745-80aa-5b968df514c7
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 23:14:08 GMT
cf-cache-status: HIT
age: 1072532
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FfYUTShhhPqmAIFOjhECvKLN6EZy4TFh2rexst2QDHYuspVUXjWUpWmfQL0BdhgvW%2F08GOpk%2FFs49Vsv6pNTmU9%2Fq6YvTbXAI0%2FRadlo%2BrVqmllnqlHfUYwnL3mCSyTKtpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.999878
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a43862b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| global.akating.com/files/js/chosen_v1.8.7/chosen.css?v=cac22025232-20240427 | 104.21.11.35 | 200 OK | 12 kB |
URL: GET HTTP/2 global.akating.com/files/js/chosen_v1.8.7/chosen.css?v=cac22025232-20240427
IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: akating.com
Certificate Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
Certificate Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
Hash: f9e4f602d90605d2dae0d32979c69029 d8c7700cbf92f6100c9aa5de69ac6d4390802ee7 89945fcb95372714ec719cfed9a0ad20f35bc6f0d1d471662dba38c6f46b0f75
GET /files/js/chosen_v1.8.7/chosen.css?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sat, 25 Jun 2022 10:07:28 GMT
etag: W/"0f0f95f7b88d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjlVNYeepLDwUEDqn%2F5icHox%2BlTL%2BAv7KFpkM5PgbEzD7X40WubcOuFZpiaUE96xfpkqcNJOL9XHfvQNmUMZjKTTcJaEwWllkBiD5%2FDWruxEPA%2BlhdfNHT1bLVykAXLdvDtct%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f14b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/a490a4aae32ab920c55ea29a95a3c93e_600x.jpg | 104.19.235.103 | 200 OK | 22 kB |
URL: GET HTTP/2 img.staticdj.com/a490a4aae32ab920c55ea29a95a3c93e_600x.jpg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 85e43fa9eed31501d449149402e27c77 234edf7948507cdf44b09508900b289781e5f109 c94b828ebc167235cc6e2aa554f43970534139f2792a8cbb0b862ab435589b55
GET /a490a4aae32ab920c55ea29a95a3c93e_600x.jpg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 21920
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="a490a4aae32ab920c55ea29a95a3c93e.webp"
expires: Wed, 06 Mar 2024 21:09:36 GMT
request-id: daa19743-3de5-4531-ae5d-1c08cfcf6880
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: daa19743-3de5-4531-ae5d-1c08cfcf6880
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:36 GMT
cf-cache-status: HIT
age: 1328495
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fuPMkA4q118GhYS0aPFl539Wxhr7jumatC53llp%2BdtpmraorG4ujfUwObvvgQgFdxcqh17P4fzU%2FLpWjV2%2BqL1L4%2FqrkCuSzfV6ecKvFU1z%2FyzDe2pSZ0ichl19gAdP6ZhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4589eb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/images/banner/Lubes.jpg | 188.114.97.1 | 200 OK | 26 kB |
URL: GET HTTP/3 www.rosequake.com/images/banner/Lubes.jpg
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=250], progressive, precision 8, 250x370, components 3
Hash: a9b60d0957a594aef6c5308ee1a7e7a3 7e8cf1b57078bd4a4ea67f9d6c9d6e6e71eab8c7 27850d7149f91cb4d4ddc03826a99af23ad2d111023d3cf6627f4c652a035d63
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/banner/Lubes.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/jpeg
content-length: 26501
last-modified: Wed, 06 Dec 2023 18:28:52 GMT
etag: "22fd64107228da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxV3Q%2BIugWUWA5fLPGktTImJgM2mCGaECgXkKg55EG06H5AouX0p1x9jGdKbHZTq1zUqr8eoS23oVEcqYO1TwclcRxWxUuJcophTsnqiGufo91AoCd4wuhBzdJVoea%2By7Niqtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a31d5956c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/extra.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 650 B |
URL: GET HTTP/3 www.rosequake.com/static/extra.css?v=cac22025232-20240427
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (650), with no line terminators
Hash: c99be612fbce82182d83923efc718b6a 6ad887b258ec267c4bb6ce6e73b496cd825b37a6 437a0cfa54d982b2fe6090623a98b8084d4591565cf0104767e7ca42f35f3628
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/extra.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sat, 29 Jul 2023 10:11:15 GMT
etag: W/"e2944125c2d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r1pfFHaqCKiXDQ8eVtDJMRXxCzpJOsA6z%2FhsJ6X5s3UKrxACnrNMQm8NDp1POUe3IHUsrcLhI6imuLdehUxuM0Hs%2FNMPApES8%2FYYrOquZCdkoJbVm1ueLNIM5Svq1BQUoyfzPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a21c1e56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.fantaskycdn.com/827b999bb490bb551615f723ad42c609.png | 104.18.21.211 | 200 OK | 48 kB |
URL: GET HTTP/2 img.fantaskycdn.com/827b999bb490bb551615f723ad42c609.png
IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fantaskycdn.com
Certificate Fingerprint: 72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
Certificate Validity: Thu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: a77a437fff004d66111aa4e5d3ec78bf 6c78397103079d3cc58c5097b6a3ad1cb349f9e1 22d17248e9743be6da4f957f531503df1a875eb8091019718bcfd773099a8876
GET /827b999bb490bb551615f723ad42c609.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 48354
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=86396
content-disposition: inline; filename="827b999bb490bb551615f723ad42c609.webp"
request-id: 07a7dbd1-0805-4995-beed-13db4da529c0
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Apr 2024 22:54:57 GMT
cf-cache-status: HIT
age: 1328495
expires: Sun, 27 Apr 2025 02:54:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b3bd680b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/6e6e2cd33f91cf02e5e31579ecca8e84_600x.gif | 104.19.235.103 | 200 OK | 217 kB |
URL: GET HTTP/2 img.staticdj.com/6e6e2cd33f91cf02e5e31579ecca8e84_600x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 217 kB (217352 bytes)
Hash: 12a0fd6e22a6e645491de99b467e12ba 14d46744882505a0f1e34bb6ec43281047609a11 f9594be2d42e92119f19ac737af442128044f03590681f65766d3e273c64a0d2
GET /6e6e2cd33f91cf02e5e31579ecca8e84_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 217352
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=796798
content-disposition: inline; filename="6e6e2cd33f91cf02e5e31579ecca8e84_600x.webp"
request-id: 57547f9d-379f-4cf0-a60f-fcea3e13d12b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Apr 2024 19:29:52 GMT
cf-cache-status: HIT
age: 1328494
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B0J%2BQ%2B5iFvRXZy9uH9ZYKLEcKb5CI1tf%2F%2B1vfc%2Bvo6begOVOXSTqyLH5Z5KISI8fMqGu%2F8%2FXSesXHomRawMcm5PFsPJVWrNogUqC5WAbQca9vIwqSE6HiZ0vIO8r1ThtBCY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=30.999899
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a43865b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/9d9dbd8ea6715a73d4d5cb2ce1725091_100x.jpeg | 104.19.235.103 | 200 OK | 1.2 kB |
URL: GET HTTP/3 img.staticdj.com/9d9dbd8ea6715a73d4d5cb2ce1725091_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 1d17aa8bb93899e1ff114b3e6d7cb4f4 03fd77ee47933914aba1bc1372cb4df2f3302e9d 923d4264aa50ec355e4e7588c8c2b433e83cd800ea6fb7a45187572e7203196a
GET /9d9dbd8ea6715a73d4d5cb2ce1725091_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 1168
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="9d9dbd8ea6715a73d4d5cb2ce1725091.webp"
expires: Sat, 23 Mar 2024 09:48:21 GMT
request-id: 0fcdb0ae-b792-4518-b0ff-0be574989c20
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 0fcdb0ae-b792-4518-b0ff-0be574989c20
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 08:48:21 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXiUkEo51zSIxoiUSitOHyxycCuXxpSB9Arr86Qjw3507T%2FPqIM6BXiYkUY70jrGxeUEwBC7s%2BxKBghIAVUULgInh73eyiLJfbCrbOHScry5cnzga2oUcq22nK0D6yNvlcU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=18.000126
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e14b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/cd50df597465f45ec895e23f7d2da4ac_600x.jpeg | 104.19.235.103 | 200 OK | 18 kB |
URL: GET HTTP/2 img.staticdj.com/cd50df597465f45ec895e23f7d2da4ac_600x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 8ac0ba31169a084bebe857941ee19afa 39ed0296f1d595016860a14085a13a5e9c59565a 5cb1ecc53dca7ff47f6b1e054efb5725efb302b4542317e1d2136a978da0ce46
GET /cd50df597465f45ec895e23f7d2da4ac_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 17734
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="cd50df597465f45ec895e23f7d2da4ac.webp"
expires: Wed, 17 Apr 2024 21:36:32 GMT
request-id: c14b7537-eb26-4dfd-b32c-1784a96682a1
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c14b7537-eb26-4dfd-b32c-1784a96682a1
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 20:36:32 GMT
cf-cache-status: HIT
age: 52393
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=glGqUTCVbMg6k5DMBxiiWRCevUE8vsQuX%2B8zlrtKwGtCMAswqpf%2Fjlrs9DcVWpscfNQm6mYQ9vd%2BD6wb1qP13xnuxjpG%2B8DPXOcEidZoyay5wW5bBxQWZ2AucrhMBk7W4WA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44866b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/css/country-flag.css?v=cac22025232-20240427 | 188.114.97.1 | 200 OK | 29 kB |
URL: GET HTTP/3 www.rosequake.com/css/country-flag.css?v=cac22025232-20240427
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/country-flag.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Fri, 04 Aug 2023 21:08:05 GMT
etag: W/"80e8c4c217c7d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbJ6zfx%2B%2BDzQHN1Ib2trfohvTZ5ioUvPtpet1gbN%2BDRE%2B9B1MMb5H7ctG6%2BStbsP6HqHPOFwofkpi09c9yT5R%2FAjj7zrOtXDQ56Y6XGFoEy9ZPoXbryu5qsXtKBfFCFhmoh8kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a1bba656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/99cd1036993157257e24ef187691b54b_600x.gif | 104.19.235.103 | 200 OK | 134 kB |
URL: GET HTTP/2 img.staticdj.com/99cd1036993157257e24ef187691b54b_600x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 134 kB (134222 bytes)
Hash: 2010a39646af76e3c478afa4e84d6aec 8f3628babd03ad9efa20a3f63945a26e37f4ac32 cca8f7d3fe8b4431ff1603a7e306f128d9c0d82b8a066b65a6f0cb3d14d6b010
GET /99cd1036993157257e24ef187691b54b_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 134222
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=333710
content-disposition: inline; filename="99cd1036993157257e24ef187691b54b_600x.webp"
request-id: da2ed250-afa9-4a7e-8047-2f35a3fd843a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:36:30 GMT
cf-cache-status: HIT
age: 710353
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3LSRcX3tLMvV%2Fe2enlV5V4q22nP0ydluuXF%2FoYMWXLwrCnNMdZT67Un6he4rvyXrMrO%2BZcp8pD2RqgnnU1o1HdjAkA67SsKVOjthoHO5NLLla5QkGuJdsSvtjaltMThRR4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=35.999775
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a45885b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| global.akating.com/files/css/CBDCurrency.css?v=cac22025232-20240427 | 104.21.11.35 | 200 OK | 12 kB |
URL: GET HTTP/2 global.akating.com/files/css/CBDCurrency.css?v=cac22025232-20240427
IP: 104.21.11.35:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: akating.com; Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62; Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/css/CBDCurrency.css?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 14:39:28 GMT
etag: W/"09068c12beed91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6ls9wFS%2FSS0CMJ%2FAxx7OwcMVGcQXVKSaPx5CvGkBzktmN0T6Z3gEZ52vcOy5QcBcz2RHH1IMz%2B%2F6aHn7kbHmQavq6QFTqs3X%2FCcYTweOWD8UtgqMFQiF3%2FnwAg%2Bcs9tGEmk5j8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a22f11b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/45e7cca5d661d046ffdadf61719de7f1_600x.png | 104.19.235.103 | 200 OK | 91 kB |
URL: GET HTTP/2 img.staticdj.com/45e7cca5d661d046ffdadf61719de7f1_600x.png
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 89d1a07d57b4a15346840cf07fb457d7 a7680bbb10f0fde0102d4a2c68c7eb8b5cfc96aa 75d2b3f1d1e690e7ce0b1b7af3d361737522a2343a8fb56f72561d996ca98621
GET /45e7cca5d661d046ffdadf61719de7f1_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 91204
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=186954
content-disposition: inline; filename="45e7cca5d661d046ffdadf61719de7f1_600x.webp"
expires: Tue, 19 Mar 2024 16:00:20 GMT
request-id: 119ae4dc-511e-4420-b9a8-9ff669b3032d
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 119ae4dc-511e-4420-b9a8-9ff669b3032d
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Mar 2024 15:00:20 GMT
cf-cache-status: HIT
age: 2724900
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkRnzaqtMELCdQvad29%2By41BVqBhgC87Pswy2Us7iZhHNLd7EGonBILboNW%2BF1i%2BLHwZbYYMax4R%2Bckgg8%2FFAAttWQEYA1ItNmS9YwUBywxs8i2Aj%2FSK4JHVXG6gdpYRP%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=35.000086
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a43864b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.fantaskycdn.com/320c89a9b737fb5846663b47a6adb4e4_600x.png | 104.18.21.211 | 200 OK | 230 kB |
URL: GET HTTP/2 img.fantaskycdn.com/320c89a9b737fb5846663b47a6adb4e4_600x.png
IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: fantaskycdn.com; Fingerprint: 72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E; Validity: Thu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 230 kB (229610 bytes)
Hash: 82d3cd9af783dc2a08b87f5069922b8b 9b3c3cefc8677a2254ac01e1751256888ec15275 dce44ec6dd6e2783bcf642d98f0c07d23c4f5ce7ef4a31de1f7216e90625e4b1
GET /320c89a9b737fb5846663b47a6adb4e4_600x.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 229610
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=537694
content-disposition: inline; filename="320c89a9b737fb5846663b47a6adb4e4_600x.webp"
expires: Sun, 27 Apr 2025 02:54:22 GMT
request-id: 3d381144-fe18-4443-8312-1e27d1060c06
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 3d381144-fe18-4443-8312-1e27d1060c06
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 11:54:05 GMT
cf-cache-status: HIT
age: 710348
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b3ed930b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| | 188.114.97.1 | 200 OK | 516 kB |
URL: User Request GET HTTP/3
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Size: 516 kB (515609 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:18 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xOv760CZeef75XFSkfH6UO0ovvrbVQqq1NIm3CPswAUMKOKG7UClXOZIu195X%2BdGoWzVSu2dQp%2F3cpevITWsCaQa7eczLPiqD56nULN113bdm3b3mbfddLeZk7LMl5m4mbJrDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a9779c6dc856c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/7d4637f42da9f26b0e94393645ca4f3a_100x.jpeg | 104.19.235.103 | 200 OK | 2.8 kB |
URL: GET HTTP/3 img.staticdj.com/7d4637f42da9f26b0e94393645ca4f3a_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: b8f3269a332fede9bb5f20b820297bb3 dce9378a49941c0a3406c312123779c87ee44f3d 7b90577cb4fa5037984994ace576984e96e26871816cb1663eae7a771923adbf
GET /7d4637f42da9f26b0e94393645ca4f3a_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2780
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="7d4637f42da9f26b0e94393645ca4f3a.webp"
expires: Thu, 04 Apr 2024 20:19:31 GMT
request-id: acce577c-3680-4691-8d5f-34af43b5db59
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: acce577c-3680-4691-8d5f-34af43b5db59
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Apr 2024 19:19:31 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wDH53mOnvXAjVNRGPbatCdX3grwqq1rz6eYoz5xN09LIaaEQ3BzxgaFKK6jVTrGmnnH2%2Fhcm7TWn8LfQYaf42M4ee%2FBcZQYjsO3hw9LU0H92V48YyTVYZt4YVg3bvO9sAeI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=21.000147
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e17b4f1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| we.chatsoftly.com//agents/images/cbdshop/agent_online.png | 172.67.194.34 | 200 OK | 4.8 kB |
URL: GET HTTP/3 we.chatsoftly.com//agents/images/cbdshop/agent_online.png
IP: 172.67.194.34:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Let's Encrypt; Subject: chatsoftly.com; Fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5; Validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash: 1bd1eae9e6e5cee493eb21aeddc18013 e9434fb85ae9d37d6b329fc0b642283d5a7c71c9 98e7b202b3afba0dd5a8363af68bac53edfe327ba1de2142790fbdf7df09cae0
GET //agents/images/cbdshop/agent_online.png HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: image/png
content-length: 4789
last-modified: Wed, 14 Apr 2021 15:08:32 GMT
etag: "9c29d084031d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2178
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0cLiLAupgqqPWE7JnDRx%2BWoqzTZ8pRsqTindRlwZR8GkH5V82OghZHw0QHCV2iZqwo99lZ3N71HbkUp0ZHQa7kAIcs4efps9X%2Bih5kYQB%2Bh%2FaY1Qkuww8NrCKj1iZFAgmKuYDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977eb7ff6b523-OSL
alt-svc: h3=":443"; ma=86400
|
|
| nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg | 0.0.0.0 | | 0 B |
URL: GET nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg
IP: 0.0.0.0:0
Requested by: https://www.rosequake.com/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg HTTP/1.1
Host: nicesis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.rosequake.com/apis/ImConnectInfo.aspx?guid= | 188.114.97.1 | 200 OK | 931 B |
URL: GET HTTP/3 www.rosequake.com/apis/ImConnectInfo.aspx?guid=
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Google Trust Services LLC; Subject: rosequake.com; Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B; Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (1081), with no line terminators
Hash: 801c6d92197312aeff0948c2f04b0386 6306875eb1f843ee163a7213737775a7c6b33729 a3c65164155019a10b8fed46bf1f5107a464e01b788f99c38592f8c640a15923
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /apis/ImConnectInfo.aspx?guid= HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:25 GMT
content-type: application/json; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLrcfvZ0sLjWmZjxPLr7V9SlgUvxVRjQqRBd0ah5TFCXpl1jkSmNXJMsK3tzvAn7x7UN0sMAAE2hgGsu4BdZqNm1HHGPXUAR4MR8AN73hPMeoyoV%2FAJieIA%2B6zWlpQXQQejJIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977c6ea3a56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/bb3de54fb37fda938bcc812e9deb7652_600x.jpeg | 104.19.235.103 | 200 OK | 34 kB |
URL: GET HTTP/2 img.staticdj.com/bb3de54fb37fda938bcc812e9deb7652_600x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 374cde4a27f801ecf7e81024b92831a9 281794ccf7e3a8a7ca17005db32c1bd8cd432a16 e8201fabdd7291a3e2ae665bbca7ed0f68c1d631f5c9d9767b8a969f616bcc5b
GET /bb3de54fb37fda938bcc812e9deb7652_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 34478
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="bb3de54fb37fda938bcc812e9deb7652.webp"
expires: Wed, 06 Mar 2024 23:38:43 GMT
request-id: b68a624f-b866-4bad-8b0e-b37a05413959
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: b68a624f-b866-4bad-8b0e-b37a05413959
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:38:43 GMT
cf-cache-status: HIT
age: 735518
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BxUuOUFJcpA2d0CfbJdmpdRdXAC9I8ZId5V3ibqSes4m8OI6E1lag33sUkZvnPmSSFgvlEHvom%2FNEn0SVla5K3Prz4iPUr1Q6g9KhHvoKyCQTzo%2FoHv%2FKH%2BO0sVpbkfwnSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=35.000086
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4385fb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/a5313bbad0070d448d3e578dc6b0d156_600x.jpeg | 104.19.235.103 | 200 OK | 31 kB |
URL: GET HTTP/2 img.staticdj.com/a5313bbad0070d448d3e578dc6b0d156_600x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08; Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 9d77ef9cfe6a98a61310d134ede0a24f 562cd04b240d6670be9c2a7f3b7ad67384940a08 2ae4bb88c98b7f9d1249775a98d79b5fce7bf2d4addf09297d73363187a04cb6
GET /a5313bbad0070d448d3e578dc6b0d156_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 31200
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="a5313bbad0070d448d3e578dc6b0d156.webp"
expires: Thu, 18 Apr 2024 09:33:48 GMT
request-id: 4c33e91b-5a4c-40db-b7d3-1cc6b32b504e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4c33e91b-5a4c-40db-b7d3-1cc6b32b504e
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 08:33:48 GMT
cf-cache-status: HIT
age: 735517
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pC5AF0IoZt24QkHMJQ6hbs0BNqEVBjgooR%2B31ILkJ%2FK90ZrBlxm2%2Bvla%2Fox8Yd2JKL4zkkUDn8mINEYZK0T8E25r2ukhBzVtYfX%2F%2FtwCzuE%2BrxxReZFC62tter8PAgb8LWE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=20.999908
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a458a3b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|