Report - rosequake.com/PageCMS/NewsLetter

Report Overview

Submitted URL
rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=51
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 20:54:51
Access
public
Website Title
Take you to next level of pleasure | Take you to next level of pleasure
Final URL
www.rosequake.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
128

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
we.chatsoftly.com	unknown	2020-10-01	2021-03-08	2024-01-25	3.2 kB	161 kB	172.67.194.34
cdn.shopify.com	2327	2005-03-11	2012-06-22	2024-04-25	1.1 kB	40 MB	23.227.60.200
www.rosequake.com	unknown	2023-10-03	2023-10-15	2024-04-18	35 kB	42 MB	188.114.97.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-26	3.2 kB	54 kB	216.58.207.227
nicesis.com	unknown	2023-04-10	2023-06-26	2024-02-22	996 B	0 B	0.0.0.0
img.staticdj.com	53607	2018-11-09	2019-04-04	2024-04-24	36 kB	2.7 MB	104.19.235.103
global.akating.com	unknown	2023-05-01	2023-12-04	2024-03-04	5.9 kB	429 kB	104.21.11.35
img.fantaskycdn.com	unknown	2023-07-04	2023-07-27	2024-04-22	2.7 kB	496 kB	104.18.21.211
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-26	1.3 kB	292 kB	142.250.74.168
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-25	893 B	42 kB	104.17.25.14
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	561 B	6.1 kB	142.250.74.106
web.cbdcdn.com	unknown	2020-11-14	2023-08-28	2024-03-07	464 B	350 kB	104.21.15.17
rosequake.com	unknown	2023-10-03	2023-10-03	2024-04-18	506 B	867 B	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	nicesis.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed
2024-04-26	medium	nicesis.com	Sinkholed
2024-04-26	medium	rosequake.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (35)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z	302 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 22:54:55 Last Seen2024-04-26 22:54:57 Times Seen2 Hash 4f1573190eee44ce2a4e19acc13ca6c8 073c9ed3a0058f243519e4467aece6b24bf67db0 7a388470baf729c054a163620c70f6e5c48437786f492a4b7468b2678d49c5fa Loading...

	www.rosequake.com/	523 B	2024-01-26	2024-04-30
Pretty URL www.rosequake.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-26 08:07:04 Last Seen2024-04-30 05:11:24 Times Seen89 Hash bf8f17a72cb12959948f897752946452 e03bad0638c2acb1d5988e69882a75d3c4b24ed4 e3a1b5d855d305d9b1d76ecb0845b48bcd4418327759e034bb68a4eef7043f16 Loading...

	www.rosequake.com/static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac22025232-20240427	3.3 kB	2023-12-04	2024-04-30
Pretty URL www.rosequake.com/static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 05:12:13 Last Seen2024-04-30 05:11:24 Times Seen110 Hash c4ab6fa36490a0cccc26ac7bbdd04c89 84c2e019f93a8db7c1607d6d9a74e3f2f9f11e00 f83b8845cc1020d205c0e74e9d68882bdda292334a8d4e4c9cddf5d7ce07e3d7 Loading...

	global.akating.com/files/ExchangeRate.js?v=cac22025232-20240427	11 kB	2023-11-28	2024-04-30
Pretty URL global.akating.com/files/ExchangeRate.js?v=cac22025232-20240427 IP 104.21.11.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 17:07:54 Last Seen2024-04-30 05:11:25 Times Seen197 Hash fc715516fb030cd6858f16981ad2650c 9dc67c87ac8e4933d978c9b11a57b61d0755c6a2 c17ded04681c173e9e34c83d8666542405c276bf078da5ec06adf12ac815bbe7 Loading...

	global.akating.com/static/js/pixel2023.js?v=cac22025232-20240427	15 kB	2024-04-14	2024-04-30
Pretty URL global.akating.com/static/js/pixel2023.js?v=cac22025232-20240427 IP 104.21.11.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 17:07:33 Last Seen2024-04-30 05:11:24 Times Seen7 Hash 55caa443ca265ca0fb1ae279f2a1424a 910a9db14412df58603904d833221539e97f49a9 2d2cc3835eafb7da2b1e9f081a829ebaedd3884fec4678c0f959240f0148259a Loading...

	www.rosequake.com/static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac22025232-20240427	5.5 kB	2023-03-07	2024-05-05
Pretty URL www.rosequake.com/static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:01 Last Seen2024-05-05 17:15:41 Times Seen202 Hash 919bcd36ba45f4ae408e47ad200e0cc9 de12adeba034b0e200f9a13623852f1e2cdadb4a 86dacb15f649eafe6e74e1bede434b20d20a87682fa0aab01211d87d34cc2027 Loading...

	www.rosequake.com/js/shop-section.js?v=cac22025232-20240427	6.2 kB	2024-01-26	2024-04-30
Pretty URL www.rosequake.com/js/shop-section.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-26 08:07:04 Last Seen2024-04-30 05:11:24 Times Seen88 Hash f4951f4e71c1c1bb2f827cdf67a8c776 78b2c4dbb590cd7c48631d122811f5771f7aa144 2c48f56878c7993437b89b5301553b57a355d2a78d10189ac741ac863403d2ae Loading...

	www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac22025232-20240427	38 kB	2023-06-05	2024-04-30
Pretty URL www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 01:53:35 Last Seen2024-04-30 05:11:25 Times Seen327 Hash b74c18de0056ed87c5e712eb21074f98 fc1fa797cac8bb89a1416aa2662b2cd74d851d60 4502cf3c096b98c6ed963242ce158fce517d3afd00982d2a8daddce91f30375a Loading...

	we.chatsoftly.com/spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0	2.9 kB	2024-04-18	2024-04-30
Pretty URL we.chatsoftly.com/spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0 IP 172.67.194.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:24:57 Last Seen2024-04-30 05:11:23 Times Seen6 Hash 6c3948ad373d8ae7a243a0e281a54ba4 5dbac628298993c2842f8cbe0af10dabd9eae976 47f52bbc5d89e0fd25786a55e8bfb2907e72afaa00a0ae8f69dc8da30ff324b9 Loading...

	www.rosequake.com/static/lib/jquery.cookie/jquery.cookie.min.js?v=cac22025232-20240427	1.7 kB	2023-12-04	2024-04-30
Pretty URL www.rosequake.com/static/lib/jquery.cookie/jquery.cookie.min.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 05:12:13 Last Seen2024-04-30 05:11:24 Times Seen111 Hash c2eb525e61d576ee386ba1adfaf736a7 db0ace78f4a6a2591545eeacb92c02d2022846d3 ab1ee99f22f107c9ae1559c920a1b7fe6cf89ec0c355a27be23669f688bf0350 Loading...

	www.rosequake.com/js/video.min.js	626 kB	2023-10-25	2024-05-02
Pretty URL www.rosequake.com/js/video.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-25 18:32:24 Last Seen2024-05-02 19:46:41 Times Seen3202 Hash f50c31011e4900174758bb688253b0b3 f15c8636f7dcd7f25798dd2d4a710f4f5fbcfd1a 0990b905d2a411a8f29c0502458419b91932e740cc66b1aca128179cbede5867 Loading...

	www.rosequake.com/static/lib/bootstrap/popper.min.js?v=cac22025232-20240427	19 kB	2023-12-04	2024-04-30
Pretty URL www.rosequake.com/static/lib/bootstrap/popper.min.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 05:12:13 Last Seen2024-04-30 05:11:25 Times Seen177 Hash 777f8a32fe7ad62a6c5f1e649bc3616e 41feeaacdff5f9714848b7bbe55739185462f2ab 7a409fd037337862ad8373afd1e77781984d6961c90c00d901ae04664768b01b Loading...

	www.rosequake.com/static/base.js?v=cac22025232-20240427	84 kB	2024-04-14	2024-04-30
Pretty URL www.rosequake.com/static/base.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 17:07:32 Last Seen2024-04-30 05:11:23 Times Seen8 Hash b537b42f84d7a25f610f9889a938fa00 e16a71b9a18a348d13436a04171f3e6f65b9a79c be22e743ee67a40014e10f81dbd65e5984bf86f70cedbc73f4f83e194a0de9d5 Loading...

	www.rosequake.com/	139 B	2023-12-04	2024-04-30
Pretty URL www.rosequake.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 05:12:13 Last Seen2024-04-30 05:11:24 Times Seen84 Hash d888b7dce91313ad0e18328e56ea960e e8dfb007865f0cb0eab1dfcb8c6b26257edfa5d4 77e0e4c16a2b35f0a7914440333d62bc43e022894f01f7eee10b508b41916c5d Loading...

	www.rosequake.com/static/assets/js/theme.js?v=cac22025232-20240427	90 kB	2024-04-14	2024-04-30
Pretty URL www.rosequake.com/static/assets/js/theme.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 17:07:32 Last Seen2024-04-30 05:11:24 Times Seen8 Hash c5469e9f0e448739e77e540bd0f1d8f5 8527e3f640254d4b9c23d5cc4f9cb205298eec58 dbabd00d3fa2893d1bef0085bc67ddb5624e3cfd72064d07f4b67bd63a011ba0 Loading...

	we.chatsoftly.com/agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1	36 B	2023-03-07	2024-04-26
Pretty URL we.chatsoftly.com/agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1 IP 172.67.194.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:43:54 Last Seen2024-04-26 22:54:56 Times Seen25 Hash a864a7cc3b851f2f3d7bcbedf65c9032 bef225f8ccf9b7552a1286fc7e043b6f0b546bc3 80575b3130cae32b8a6675297ac02840de233c6a83fc91333aa77cc6154f2a4b Loading...

	www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-04-26	2024-04-26
Pretty URL www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 22:54:56 Last Seen2024-04-26 22:54:57 Times Seen2 Hash aa1e55b5d6a9c490a11a59e98ee31b21 430a6899278bd61fbc4130085f1015d5570f3325 ed4bd5e7c52e1753e9af40b9fa313cdac30ed6caf041c9f8c6c45a71b22d142b Loading...

	www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac22025232-20240427	78 kB	2023-12-04	2024-04-30
Pretty URL www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 05:12:13 Last Seen2024-04-30 05:11:24 Times Seen90 Hash 7c3370c19aed9766605c93574799e4a7 2d6f25f07abdb7c3cf829c0dbcec6604e62fabb8 26d75c48e2dc074b3250f569868f7ee721ab397202d7f1b0e98783ac29024778 Loading...

	www.rosequake.com/static/lib/slick-carouse/slick.min.js?v=cac22025232-20240427	44 kB	2023-03-07	2024-05-03
Pretty URL www.rosequake.com/static/lib/slick-carouse/slick.min.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:48 Last Seen2024-05-03 10:54:13 Times Seen1148 Hash 04f7e97a54f61407f230196b17a3b5c8 e3d1d3bdc40c2e3788e2b83b1cf70084e330eaa3 254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc Loading...

	www.rosequake.com/js/layer.mobile/layer.js?v=cac22025232-20240427	3.3 kB	2023-03-08	2024-04-30
Pretty URL www.rosequake.com/js/layer.mobile/layer.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:53:50 Last Seen2024-04-30 05:11:24 Times Seen184 Hash dd2d9abc4f31f7e0b5eadde59641632e 98b28a118b5211190bf368bd437d8a26e752fa63 772e7cd4bcdb897178cadf50cd8a97f99fcfc39027c02fb4ff20b7fe053d2af3 Loading...

	www.rosequake.com/	580 B	2023-12-04	2024-04-30
Pretty URL www.rosequake.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 05:12:13 Last Seen2024-04-30 05:11:24 Times Seen81 Hash fa21ca3a1077139321e2ec87955b1b37 853d0421f8583fbc3590a811f47c26bb37fa4d30 19d13b8c90c45b4123133652777fd0b8d1587620791fba3e6dade212123a20a1 Loading...

	www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c	302 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 22:54:56 Last Seen2024-04-26 22:54:57 Times Seen2 Hash ac74ef9c101add7f2511db4ec05a2348 ebb4423f4cc725ffc2eda07934edd50f8ee98503 28599a49851b73cf7f213aada728ac39c7bf68925de2fe36df01adef1aca3f86 Loading...

	www.rosequake.com/	1.1 kB	2024-04-26	2024-04-26
Pretty URL www.rosequake.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 22:54:56 Last Seen2024-04-26 22:54:56 Times Seen1 Hash 4b825d988a3eaa74dff6cc2f3fb85b1b bdf9b031cb8672ed4c72b5a1961e9c3cdeb45132 2350c4e53b096bb10a4f57a224b1f1a8d4e0470ab9158eee07badc7577a00cc9 Loading...

	global.akating.com/files/Country_list.js	55 kB	2023-06-05	2024-04-30
Pretty URL global.akating.com/files/Country_list.js IP 104.21.11.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 16:31:36 Last Seen2024-04-30 05:11:25 Times Seen267 Hash 3dd00c1468c48f40ac11cf9715d34831 98691de8e84697877dfdbf2f9e87149621c64656 0512d7cec7a4d88356a2b50d5254c7884ad61cd7f343c8add98a4c8a4ca77eb2 Loading...

	www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac22025232-20240427	105 kB	2023-03-12	2024-04-30
Pretty URL www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:59:38 Last Seen2024-04-30 05:11:25 Times Seen180 Hash b01da78c5d4905c9961b0f6edfa28c3f e51d3d15baa13e0cda9b2e6637925c74c8655a4c 691ffb9a7ea68f1b92aa89bfd4392bfe7de445a153c28ef4268aa192215d3ef7 Loading...

	global.akating.com/files/js/CBDCurrency.js?v=cac22025232-20240427	44 kB	2024-01-26	2024-04-30
Pretty URL global.akating.com/files/js/CBDCurrency.js?v=cac22025232-20240427 IP 104.21.11.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-26 08:07:03 Last Seen2024-04-30 05:11:24 Times Seen88 Hash c73913b780929827b9a190789a20629b 1f3e6c1a79937ad912d7a6eb89ec8ee360b08891 d8e48467b7f74e788ac4ddc0bf5b68c0d84029c0de3f50e3f61b5f9e8fa79045 Loading...

	global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac22025232-20240427	48 kB	2023-06-05	2024-04-30
Pretty URL global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac22025232-20240427 IP 104.21.11.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 01:53:35 Last Seen2024-04-30 05:11:25 Times Seen327 Hash 89081048f3bf7c9d5985d79e4976f359 50bb8dde91c4f95c98716d7d702617dbea18bbc7 811ec63ebf47f8ccdafdc6c39280dff6c51b980b2a94547a8b78a3e6cc0b853f Loading...

	we.chatsoftly.com/js/im_load.js	6.9 kB	2023-10-18	2024-04-30
Pretty URL we.chatsoftly.com/js/im_load.js IP 172.67.194.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-18 00:57:13 Last Seen2024-04-30 05:11:24 Times Seen55 Hash 05370ad5f996d6599c6cffd4c5573b60 e4ff70b8b25df55ce5b59feec6e8ac2ceeb3edb6 c3574b06ff865ce5eee8b5165c241490ec648b4cfc634c44925e8a46dfe2d084 Loading...

	www.googletagmanager.com/gtag/js?id=AW-11401501348	258 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=AW-11401501348 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 22:54:56 Last Seen2024-04-26 22:54:57 Times Seen2 Hash 15a36d212eee97c084ab8b047ece28b3 73c685fe14afed5c57e4601e0e572b9b9e5ea9c5 4b4749361e10327baba3a187f1bfe1666f24a52e32b925799d717f726e94463f Loading...

	www.rosequake.com/static/lib/jquery/jquery.min.js?v=cac22025232-20240427	90 kB	2023-03-07	2024-05-06
Pretty URL www.rosequake.com/static/lib/jquery/jquery.min.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:21 Last Seen2024-05-06 18:08:26 Times Seen6058 Hash 3e4bb227fb55271bfe9c9d4a09147bd8 156837f75f6600ccb602b4efcbd393636c33f35e ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127 Loading...

	cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js	148 kB	2023-11-22	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 19:21:36 Last Seen2024-04-30 05:11:24 Times Seen445 Hash 1aba3b60641d8dc579dca329a28d74d8 1a54fa817a49108dfdf2e75ce2ae507f007ac2bd 6942f0873b6a7108e18a983b4192ad469011a8131317f88161d6f0917058da22 Loading...

	unknown	247 B	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 22:54:56 Last Seen2024-04-26 22:54:56 Times Seen1 Hash 20cea030dfffa69f1facb8fd29927d10 a19bb11fdf87757265d903e202e23e67e515ee2a e68ac77b094f78bed9993455b80d70ea906a69d96b3846145cab7ef982b93b14 Loading...

	www.rosequake.com/theme.js?v=cac22025232-20240427	0 B	2023-03-07	2024-05-07
Pretty URL www.rosequake.com/theme.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 10:16:59 Times Seen37399636 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac22025232-20240427	36 kB	2023-03-07	2024-05-05
Pretty URL www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac22025232-20240427 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2024-05-05 10:04:44 Times Seen1691 Hash 5fb7c19c9c51cfb99f5ff942629f0f21 14c7f59e73d2a99aa688c2443a9a9b24acbff43c a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc Loading...

	we.chatsoftly.com/im_client/js/udeskApi.js	122 kB	2023-06-05	2024-04-30
Pretty URL we.chatsoftly.com/im_client/js/udeskApi.js IP 172.67.194.34 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 01:53:35 Last Seen2024-04-30 05:11:24 Times Seen110 Hash c3413a3ebda904b58eb82daf145ba474 4b4f909b034b4816e57915560fcd2df55e29885c b7a49d36850d3d1b0602e9be2e7489d109787bd66dc9445ceeb23b7254d73b9a Loading...

HTTP Transactions (182)

URL IP Response Size

rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=51

188.114.97.1

301 Moved Permanently

167 B

URL User Request GET HTTP/2
rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=51
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /PageCMS/NewsLetter_Click.aspx?edmID=51 HTTP/1.1
Host: rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 26 Apr 2024 20:54:17 GMT
content-type: text/html
content-length: 167
location: https://www.rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=51
cache-control: max-age=3600
expires: Fri, 26 Apr 2024 21:54:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3Jg3IVZnl197HMoIkUqq0KDZBizH0EH3REPIzeYq57RTaejrZoLTE%2FU52Gku%2BEilfkcHYTK0WhsbERUwrVqBmC292WdxnRZ%2BsFU0vaEWE6e7V0mXp873QPckoNoB2Sw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a9779a1de75688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js

104.17.25.14

200 OK

36 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65278)
Size
36 kB (35885 bytes)
Hash
1aba3b60641d8dc579dca329a28d74d8
1a54fa817a49108dfdf2e75ce2ae507f007ac2bd
6942f0873b6a7108e18a983b4192ad469011a8131317f88161d6f0917058da22

HTTP Headers

GET /ajax/libs/Swiper/11.0.5/swiper-bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 35885
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "655ecea0-8c2d"
last-modified: Thu, 23 Nov 2023 04:01:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 265008
expires: Wed, 16 Apr 2025 20:54:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BUqXkzqDRUY3oJs0fnIKZJndSRAqyIV9te0WGaQHU7%2BKzjrbZpW4opU2ghd4z29jDclGNMIbRfaL01BycchoQxwedpnZnCImn27mBCS2xdFJzVZMWLdkWrwAjJPkiOG9juRnwQiS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a977a21ef256b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.css

104.17.25.14

200 OK

4.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2240)
Size
4.6 kB (4646 bytes)
Hash
dedb655afa22e72add3bc9f46bdbed8c
da69cab8478bbc98bd3f8cd3a75b8ca99ea2ff31
587a037b9ee024fa8e83e1a90c05cc0dcc4359c47a93173ea657f25d0480129c

HTTP Headers

GET /ajax/libs/Swiper/11.0.5/swiper-bundle.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css; charset=utf-8
content-length: 4646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "655ecea0-1226"
last-modified: Thu, 23 Nov 2023 04:01:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3689744
expires: Wed, 16 Apr 2025 20:54:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfgHG7qUs5su0uK4IJVsTG80fRo6BdLua1c0nPvirvlumNqjw71lTu6CFtnSQYzEScNZ9QYNyfsuxiMwcJSXxdb3TTrbKuz14TnjVzwWCffOJL3MYFM0teGLU3wlEaVfSA3MQz7U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a977a22f1556b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-11401501348

142.250.74.168

200 OK

89 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=AW-11401501348
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
89 kB (88706 bytes)
Hash
15a36d212eee97c084ab8b047ece28b3
73c685fe14afed5c57e4601e0e572b9b9e5ea9c5
4b4749361e10327baba3a187f1bfe1666f24a52e32b925799d717f726e94463f

HTTP Headers

GET /gtag/js?id=AW-11401501348 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:54:19 GMT
expires: Fri, 26 Apr 2024 20:54:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88706
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.rosequake.com/images/RoseQuake.png

188.114.97.1

200 OK

114 kB

URL GET HTTP/3
www.rosequake.com/images/RoseQuake.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
PNG image data, 540 x 410, 8-bit/color RGBA, non-interlaced
Size
114 kB (113985 bytes)
Hash
b997cd9eaa87e5814d06814c9b8dff7a
20769ae44e304fde943d84b3cbc8c6137630a6ec
75a534c6e3aacab57d49bc39fe6abc0f96b6e71461da7c9337e7d9b49967d916

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/RoseQuake.png HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/png
content-length: 113985
last-modified: Sat, 07 Oct 2023 23:46:41 GMT
etag: "b2b35f8578f9d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbQmmKb7nGfQQf%2FuOkGCQYh5pcy2FGOhfAGcb0GfMtddHGOByeORkhbrpn8%2BjN2BdVspUnLQWkbd%2FwEo71kuKJQL7xfzBvfwTVkxK%2FmHmzSC%2FyUxKHqb2Pmsyl5tbc0c4rbl9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a25c7856c4-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z

142.250.74.168

200 OK

101 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
101 kB (100603 bytes)
Hash
4f1573190eee44ce2a4e19acc13ca6c8
073c9ed3a0058f243519e4467aece6b24bf67db0
7a388470baf729c054a163620c70f6e5c48437786f492a4b7468b2678d49c5fa

HTTP Headers

GET /gtag/js?id=G-B1QS3P765Z HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:54:19 GMT
expires: Fri, 26 Apr 2024 20:54:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.rosequake.com/images/banner/ForHim.jpg

188.114.97.1

200 OK

16 kB

URL GET HTTP/3
www.rosequake.com/images/banner/ForHim.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JPEG image data, progressive, precision 8, 250x370, components 3
Size
16 kB (16225 bytes)
Hash
0bcb0688e586ccd6e854a96e1a6d3735
fab6cdd1c8a300cca54be5949e81be0f7a8d1240
ec731030ef100326fa916f2d77806ff11285cd9568ae227c160b207709ff5f4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/banner/ForHim.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/jpeg
content-length: 16225
last-modified: Wed, 06 Dec 2023 18:13:34 GMT
etag: "b6d238ed6f28da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFzaDzrX1cEm8W%2Bl1n%2F%2BK2SJU%2FcR6MLS11boa866hhtx0ON6n%2BwfkdHz46zOQFEbAtpfSVlN3UJ3TqzLJg2eTVp%2B6V7kgqkQ6MUmA8MxLHdv957E5KSY6WOktdEjZGJCkjs7Og%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a26c8256c4-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/banner/Couple.jpg

188.114.97.1

200 OK

16 kB

URL GET HTTP/3
www.rosequake.com/images/banner/Couple.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JPEG image data, progressive, precision 8, 250x370, components 3
Size
16 kB (16499 bytes)
Hash
ec033fa43120a42803c965454f25ddea
6d4779f8b929123af1a8984271093b3c3e43a091
f4de491f8f691d2554bbbfb1aa7fd479aa50fdcb133486889cfe4776f57e54df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/banner/Couple.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/jpeg
content-length: 16499
last-modified: Wed, 06 Dec 2023 18:14:19 GMT
etag: "6e7f1387028da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZ7jTgwNNgNo0hwJb%2F%2F1bi6b4uzKgrEJqnAzt4beCrrPP9vvu%2BEIKVTzG%2B8SRMJM7lEIw3Kg%2FRbk6ZoNCYiYSRgH%2Fos71BmYPRHeIS9WpyPw3NG63GF0H4AtwZuNBgUQxyxnTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a31d5756c4-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/jquery.cookie/jquery.cookie.min.js?v=cac22025232-20240427

188.114.97.1

200 OK

17 kB

URL GET HTTP/3
www.rosequake.com/static/lib/jquery.cookie/jquery.cookie.min.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (406), with CRLF line terminators
Size
17 kB (16580 bytes)
Hash
c2eb525e61d576ee386ba1adfaf736a7
db0ace78f4a6a2591545eeacb92c02d2022846d3
ab1ee99f22f107c9ae1559c920a1b7fe6cf89ec0c355a27be23669f688bf0350

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/jquery.cookie/jquery.cookie.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:42 GMT
etag: W/"0858e306db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hT5UeaEH4LZWSSiVjVg8YdcMGOqLY2E1PWTpWc5DUUsfGbiVHTHh%2FMl4MR%2BtQ%2Fm3pjNseXQt0AiwIE9hKRYdGV17opFPtsCaqlgXYx3TMLl672cO8cslYwIyeHsJvOYHIp7F2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b7256c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/bootstrap/bootstrap.min.css?v=cac22025232-20240427

188.114.97.1

200 OK

52 kB

URL GET HTTP/3
www.rosequake.com/static/lib/bootstrap/bootstrap.min.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
Unicode text, UTF-8 text, with very long lines (65302), with CRLF line terminators
Size
52 kB (51809 bytes)
Hash
c4d1ceed37c00ce45e73ad3eff7b3b11
8b02ab01b53a5cac0461a2fe0c0737e88691f5a5
096047f56d97ec5b954f7488aed28f752fb2b71edd8808e28ab1a5f2fe68b3d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/bootstrap/bootstrap.min.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:20 GMT
etag: W/"09671236db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eEz4So2pfFfLfVhjJ0JdHJ0Lz3Cc1oRqUwDzp5GmQ4bFLGXVEQ%2BCQBUhijIhss5VUQLrfKv8YU3czWsd6UZFe%2B673scKpUs7OY%2F6KUye53wTnIPhKxA0fwgPFR5Ks%2Fa8wed6DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a15b0b56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=51

188.114.97.1

302 Found

16 kB

URL User Request GET HTTP/3
www.rosequake.com/PageCMS/NewsLetter_Click.aspx?edmID=51
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
data
Size
16 kB (15487 bytes)
Hash
bb9cb59d372b768700d6382d7ec8a36a
100ef9ddfef760b01202ed652a0791637d94406d
3aeb6f04d83f8597a7f4d9b61b9ba18be225b0f242598e46907de741a86a54f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /PageCMS/NewsLetter_Click.aspx?edmID=51 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 26 Apr 2024 20:54:18 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: /
set-cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0pcmXoCQa%2FEE5bEZhADi6AXtYFudSG%2FvAtLeY31ayMVzGVyjYWF%2F0oERtDkVg01EESePBXyomdM%2BD2iUGjJsYV2L6IpNU9f2C3qShr9%2B2U83oaX1N0iHAGflh923aO3l7KMnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a9779a8bc156c4-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/theme.js?v=cac22025232-20240427

188.114.97.1

200 OK

0 B

URL GET HTTP/3
www.rosequake.com/theme.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/x-javascript
content-length: 0
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vslo4jzhEoDUXFzurldm8CAuQlt6cXdSJWzDEOhF33zdttxPzdAodHYp99pKFpgSTwACPyidd2yC3tf%2BnjwrPje5LGJWjv1tx3ZPfUlPdcdX%2FL3BJXOQavvvCepEdqZNDE%2FWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a24c6956c4-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/8934b67cc260820841e7be002b01cd49_600x.png

104.19.235.103

200 OK

74 kB

URL GET HTTP/2
img.staticdj.com/8934b67cc260820841e7be002b01cd49_600x.png
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
74 kB (73656 bytes)
Hash
c7570af852efb7133595f308a6872439
af2ce68b2810dd3cf0a23353dbc9eb98590e548b
aea29da31a42756938af836c3b07607b8c0312d954c29d8408c6fa4b6047f747

HTTP Headers

GET /8934b67cc260820841e7be002b01cd49_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 73656
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=148581
content-disposition: inline; filename="8934b67cc260820841e7be002b01cd49_600x.webp"
expires: Wed, 03 Apr 2024 19:59:54 GMT
request-id: 125d14c5-15d3-4843-b8c2-4b0325a3f4e5
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 125d14c5-15d3-4843-b8c2-4b0325a3f4e5
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Apr 2024 18:59:54 GMT
cf-cache-status: HIT
age: 1328494
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0DVQVlLI6tkqBUVTjwxV8vtxwYI2%2BtNdGNyuaAZ1Nu6ueSKsYkyjz0yLyDL7WkvOnY0RXoeYrN%2F%2BEghp94qEOTc%2BO1pn8kA2z3ImY8W%2BEgGCQQq1es3R0Nfq2H%2FJtaZMoC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=18.999815
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4486bb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/83044eeea07045d893abc99643a74f88_600x.gif

104.19.235.103

200 OK

163 kB

URL GET HTTP/2
img.staticdj.com/83044eeea07045d893abc99643a74f88_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
163 kB (162852 bytes)
Hash
83044eeea07045d893abc99643a74f88
fec1a9e1c4cd5099082aeab137b5197134bb1a05
8f9054814ffaaa62d81e5b5b753f8c4f9865caec4abf2f4885d064d9e6a4ee3e

HTTP Headers

GET /83044eeea07045d893abc99643a74f88_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/gif
content-length: 162852
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: status=format_not_supported
request-id: bd8a0901-e1a5-443a-9b2a-fe883e19e11a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Jan 2024 13:20:41 GMT
cf-cache-status: HIT
age: 4958775
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZmlDQ7PmLy1QUqhVKpfF1P8xIOmkLVf6iTMfhNXwSuC2D1OUx3x6pJMzYk4mKdlNya8Vz1Ys047H67dNwI4whl4Cv49NUu7%2FYcjTGO6pa4k2f5GyRkPDE6HrxhHsJXnZC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=20.999908
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4486db4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/static/lib/slick-carouse/slick.min.css?v=cac22025232-20240427

188.114.97.1

200 OK

18 kB

URL GET HTTP/3
www.rosequake.com/static/lib/slick-carouse/slick.min.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with CRLF line terminators
Size
18 kB (18264 bytes)
Hash
cbd721a56cee571b7894b4432b1644ff
64b55d078a6ff3ac9d916ab31017b22ad4cae4cc
051c156fd95c71e48fb3d4c69a131617be06758a4302f4d63f259ab32ced32ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/slick-carouse/slick.min.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=feblZAufEAe3IJs4OCUJjpoI2fATmuDgHq7WUT95c8jmVp64AoA6NKJNrdEaV6l6p0TOm6ZalbOpSjJDHqh7%2Fz9wGY8BNek51AzIR9t7a8GHDdS%2BPDooTLTl4ERBLQgAl%2FZZrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a16b1c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/fancybox/fancybox.css?v=cac22025232-20240427

188.114.97.1

200 OK

169 kB

URL GET HTTP/3
www.rosequake.com/static/lib/fancybox/fancybox.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (474), with CRLF line terminators
Size
169 kB (168878 bytes)
Hash
8934fc2cc6952be05b710c87d7476178
f305054afdaf4c1df87f57a53724754cd0bc052f
1a9d522b9594ba76d8def2c0e4a6d26b6497cbce380c7ac87b51dd5548153c98

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/fancybox/fancybox.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lSf0ahOO5z6ICBBU57wGtHv%2Bz4o93hqIhbQWBP8PHQsbNYdDOFFD%2B0rjZLARjplLLMhfdnBld%2BtV3F2RaeT2k%2FQX4ypD5NpTQc2BBYVV1FV2sQPOVwT2FY%2FjZ3EIZK%2FOFZyVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a18b5256c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac22025232-20240427

188.114.97.1

200 OK

68 kB

URL GET HTTP/3
www.rosequake.com/static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (1299), with CRLF line terminators
Size
68 kB (68252 bytes)
Hash
c4ab6fa36490a0cccc26ac7bbdd04c89
84c2e019f93a8db7c1607d6d9a74e3f2f9f11e00
f83b8845cc1020d205c0e74e9d68882bdda292334a8d4e4c9cddf5d7ce07e3d7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:44 GMT
etag: W/"0b2bf316db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeFsN4%2B%2Bdd3OaPuoLp3AaSYknvOwTXN8yaPNuqYcxvUfGjsi08%2BVup1NOekd6xWMmOJnDYH%2Ff6XC8OAWJ6P5nZZ5PwJJOzbNpU3%2BO1yP7JWCbeYhU%2FKBfsNCYF5nJbsF1OfJqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b8156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac22025232-20240427

188.114.97.1

200 OK

82 kB

URL GET HTTP/3
www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ISO-8859 text, with very long lines (65244), with CRLF line terminators
Size
82 kB (82015 bytes)
Hash
922da84a8e0006cd38b130a4987f6710
6a727fa12390dfb07934d52caffb1c8cc3bf8e17
f6fc102e7f94584f245c3bd6b6b38c4008a1782d7e12d4c663f43cc020190123

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/bootstrap/bootstrap.bundle.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:23:40 GMT
etag: W/"0fe548f6fb0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KfjWzoLL4hO1OZk8fMl1OF8Fun3LTzT%2Bxh6%2B1kCItmDclAiA2jm7E1yqRQe00Y%2FUcexPuxLYIIe8%2FIX1hhchDDdgwgZ0wEUEOzeEZyeZEhRQZSR9S5B9ohdQVbjC6%2FG2FDd97Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b7456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/c9253861e40edd923d3ac7749c815e14_600x.gif

104.19.235.103

200 OK

20 kB

URL GET HTTP/2
img.staticdj.com/c9253861e40edd923d3ac7749c815e14_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
20 kB (19630 bytes)
Hash
5ceb632798d21262b562c46b8731325b
15c2e19115d1d84d98ebd93faae96ec5ab66bc2f
f7c6f035c0a34447033bf25c1a0b75b8634a12b329da11e045ec3217b05581c8

HTTP Headers

GET /c9253861e40edd923d3ac7749c815e14_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 19630
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=57609
content-disposition: inline; filename="c9253861e40edd923d3ac7749c815e14_600x.webp"
request-id: 741bbce0-5b35-43c7-8ebf-d926da1639d6
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 05:14:12 GMT
cf-cache-status: HIT
age: 1328493
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5W8ZWjE1HQfl9QC8pIR%2Bs9XDNH%2BNQPyDc26%2BR4BTvUbtryPGRaXWyZXfvwdqPwBDqQPJO3ZDkul5ti031RphSXMPbJEgt4MOeJZOTB5q%2BDmn%2BuY9eV%2Bdv0M%2Fhu5O%2FBZVRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44879b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/0d6e8d0701e53234033de17232ab13c6_600x.gif

104.19.235.103

200 OK

33 kB

URL GET HTTP/2
img.staticdj.com/0d6e8d0701e53234033de17232ab13c6_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
33 kB (33024 bytes)
Hash
c17bb512354bbad0517858a438ecc209
5d5b12c99f9bfb905d44670014a1deba173698b5
4161427620af49b7e95d31529bf41f533bd00854e0b425cc27fa59c4f1879b51

HTTP Headers

GET /0d6e8d0701e53234033de17232ab13c6_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 33024
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=88577
content-disposition: inline; filename="0d6e8d0701e53234033de17232ab13c6_600x.webp"
request-id: 41fe087b-3e90-4908-a042-de198929d72f
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jan 2024 23:13:25 GMT
cf-cache-status: HIT
age: 4958775
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XBCmcA2sd%2Bit5RuPU4IJPtMaByJ%2Bc1bD3oLAFu%2FLxUJm5%2BCcVsh%2F8wozD%2Fnem3C669dTrWofIwHaGU35%2FnRs0vwiTEQUB20vRQQP8vI2HAUKeg3pGmITPe1NZrM0WGo6x8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.000053
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a45883b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/070d153349c79c7deb2c73960de15682_600x.jpeg

104.19.235.103

200 OK

21 kB

URL GET HTTP/2
img.staticdj.com/070d153349c79c7deb2c73960de15682_600x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
21 kB (20786 bytes)
Hash
5c691090b454f1b36126b4d03ea1bf34
d47cf6b47047b65f231e4f9fa28dd95b0f693d0e
593bcf24ea1da41a5482b63134228ac274d503963897129fa24f268a460eed20

HTTP Headers

GET /070d153349c79c7deb2c73960de15682_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 20786
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="070d153349c79c7deb2c73960de15682.webp"
expires: Wed, 06 Mar 2024 20:01:56 GMT
request-id: c6fc1e99-4d63-44b5-9e8f-f22db30bda9d
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c6fc1e99-4d63-44b5-9e8f-f22db30bda9d
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:01:56 GMT
cf-cache-status: HIT
age: 735518
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pqBajPCG74DM2N7iBCZKCUoP%2BwrufSKutqQumlM%2FPLqiAbtgWWXYN%2FlRXcbULl19DhektA%2FtCoiNmG8%2FvBSeCg7ppdDKynX0PS6tgCQlWz0jjgnzz7%2FGznQ0z%2F%2F8Y54p1Qw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.999878
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44874b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/72767f2271b74ee198e09a21d56e3541_600x.gif

104.19.235.103

200 OK

19 kB

URL GET HTTP/2
img.staticdj.com/72767f2271b74ee198e09a21d56e3541_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
19 kB (19084 bytes)
Hash
b27276b892f3c67098c0947293ed666a
435595e3bbfb2e6198331d3ca8eccdb01be2b937
ff19b713d662bd5a49453dd486265f365d5a32d8c50b1c210ce313727940b8d8

HTTP Headers

GET /72767f2271b74ee198e09a21d56e3541_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 19084
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=63049
content-disposition: inline; filename="72767f2271b74ee198e09a21d56e3541_600x.webp"
request-id: e3676804-8c34-4fdc-9850-38a06ed24b0a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2024 20:44:31 GMT
cf-cache-status: HIT
age: 3583457
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VsTFf7xTd5uadXpkkoWeBxCThyMRKX0YyWWgHD%2BAW4OzP5NAR9o1IAkUcE1sBQlImstVWJ4xhPzhqHDhtDXnalNhN9qKMFJ2whUScl69Y7cSPaPXGwRdEn%2BToR6EE%2BHBiEA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4487eb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/static/assets/sass/sidebar/sidebar.css?v=cac22025232-20240427

188.114.97.1

200 OK

29 kB

URL GET HTTP/3
www.rosequake.com/static/assets/sass/sidebar/sidebar.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (41614), with no line terminators
Size
29 kB (28938 bytes)
Hash
30514b5eb429ab4f3e8b766d6c6ac06c
a5c42cda1bb44a83c4fe9ca5221825ca1d0e53cb
31d5a65ed4f290361fa9f6431b3fda6ec771b90d0f7cc1403576637af527b9bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/sass/sidebar/sidebar.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ETwcV%2BhfnLwi2izD%2B%2FDhs88mkG0pNNtgNPrp%2Fw7owI3cW5iMCn2PfDZDfTh6NQwxh77SFpMjo5Vk3Yv6AAzvKZ4xElOT9PWMUb8EKwSdkgn8cEeO7RjdDqFEgQd2a3J8fjrCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a17b3556c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac22025232-20240427

188.114.97.1

200 OK

56 kB

URL GET HTTP/3
www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (65501), with CRLF line terminators
Size
56 kB (55674 bytes)
Hash
b01da78c5d4905c9961b0f6edfa28c3f
e51d3d15baa13e0cda9b2e6637925c74c8655a4c
691ffb9a7ea68f1b92aa89bfd4392bfe7de445a153c28ef4268aa192215d3ef7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/fancybox/fancybox.umd.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:46 GMT
etag: W/"0dff0326db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKnFM6x2%2FdEnQucLuxS4eVjrEvcCFQeRLRBlmUSr3dfh%2FLLuq2oS9U8%2FC3wvAQIKzU7URCcXQLPgZIHvJv1EM0J9pvDXqWKd6gNrh0g%2BxSQ3x3TUbcaiqrOo5CStMDI%2BMKnsWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b7e56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/3245df1dd364f2b1284301de13e1f57a_600x.gif

104.19.235.103

200 OK

32 kB

URL GET HTTP/2
img.staticdj.com/3245df1dd364f2b1284301de13e1f57a_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
32 kB (31462 bytes)
Hash
a6409efe2766bf6ca61a9fbb47b13d19
539281a4af53e949e0758c08acde561cd9b733fc
1ea89e37fd0728b37764328658726f9d3c9e2d81d8d9e4ab4895a77a93ee413f

HTTP Headers

GET /3245df1dd364f2b1284301de13e1f57a_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 31462
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=92940
content-disposition: inline; filename="3245df1dd364f2b1284301de13e1f57a_600x.webp"
request-id: 3731b15a-11e2-42fc-959d-5e73e776e91f
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 00:37:28 GMT
cf-cache-status: HIT
age: 710352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8L%2BLuu4dkN7Az4oxamvilqnZk%2FAvAOG7XFgbFAA6mArOL193RBHjvPB9Soh6gUKKpEHUuxrzzWvl7D3VRgu8gflZ2pPox3oxYedeZZ14HUxTRqVbcCjD8ku8Y9B8%2FwTNHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=26.000023
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44882b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/static/lib/slick-carouse/slick.min.js?v=cac22025232-20240427

188.114.97.1

200 OK

42 kB

URL GET HTTP/3
www.rosequake.com/static/lib/slick-carouse/slick.min.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (32026), with CRLF line terminators
Size
42 kB (42538 bytes)
Hash
04f7e97a54f61407f230196b17a3b5c8
e3d1d3bdc40c2e3788e2b83b1cf70084e330eaa3
254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/slick-carouse/slick.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:42 GMT
etag: W/"0858e306db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cF8P%2BDd9y2M5%2BjyBsI%2FtKOlrz2QNrp%2BJudAxUm2RLfj0HrB3hddosQzGHYx171p9yM8E8HhyYyvC2N2Z1%2B1o1oHlowtaCsTqLQgp8o8gOwSAcHLzAiK5Ikad2tpmjTU7pWoPhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b7b56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/bootstrap/popper.min.js?v=cac22025232-20240427

188.114.97.1

200 OK

41 kB

URL GET HTTP/3
www.rosequake.com/static/lib/bootstrap/popper.min.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (18706), with CRLF line terminators
Size
41 kB (41401 bytes)
Hash
777f8a32fe7ad62a6c5f1e649bc3616e
41feeaacdff5f9714848b7bbe55739185462f2ab
7a409fd037337862ad8373afd1e77781984d6961c90c00d901ae04664768b01b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/bootstrap/popper.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:44 GMT
etag: W/"0b2bf316db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X2Yxbop3%2FQYBBf3aIIBCuVWPV%2Bhs17mnUOLnZ3hfrbX55llj9raTHAjM8BfKFvFy9WgaMEhfwpUP1ISGLDMf8nspLKzfLsWALdogSin2aHJw1ag0UGYn%2FV%2Fn5E7Zh7Tl5%2F1I0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b7856c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/4aa192c5ff5f15ea00730eeeb2f98e56_600x.gif

104.19.235.103

200 OK

36 kB

URL GET HTTP/2
img.staticdj.com/4aa192c5ff5f15ea00730eeeb2f98e56_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
36 kB (36548 bytes)
Hash
ddf34d8a6ae904b02838324a148d581c
b33cde025e395b28ee2b51968e95fb4a86edd716
440b6848b4f9cdc605eebc75fbbb67e4434fc0d88afea3895ec812e8a4f7b585

HTTP Headers

GET /4aa192c5ff5f15ea00730eeeb2f98e56_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 36548
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=158108
content-disposition: inline; filename="4aa192c5ff5f15ea00730eeeb2f98e56_600x.webp"
request-id: 9081220b-317a-4b98-996d-ff5695cf5f41
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 22:52:20 GMT
cf-cache-status: HIT
age: 710352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S4IJSfSANfbRznT%2B83brdvVXYVL3niRT2ticgwuyQZp43KIn7I21sb20LsmPv9E5M3UL8t%2FasjoC9OxtX8fGvBk6OJlJPZmPZZ2JtHFWljUXR3CkqIGM8BGTR3yvk1cYA8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=41.999817
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44869b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427

188.114.97.1

200 OK

104 kB

URL GET HTTP/3
www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (1418), with CRLF line terminators
Size
104 kB (103765 bytes)
Hash
2e1858a92856a89908a456f977b96051
c9aa6018b21ba84a69e69159f75d73b41354d3ad
f07cf5076ef90427551f5f5242ce673107a05737e875e9bd845628de102713d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/CBDStyle.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Wed, 17 Apr 2024 11:40:57 GMT
etag: W/"80eaa91cbc90da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9vm311swpHIfkA8JU3qn3KOTPQDvQq%2BJ4gml4FPUgTVtgxTSZvfnvDKyg1tWTyqbLVL3jS%2FOxC%2FT6ShO3Y8h4aSLqSy3zC%2FMZztr%2BD07UXoAWIvckYRm%2BbCSDLrjqGImR2%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a18b5656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/assets/sass/base/animation/animation.css?v=cac22025232-20240427

188.114.97.1

200 OK

40 kB

URL GET HTTP/3
www.rosequake.com/static/assets/sass/base/animation/animation.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
40 kB (39815 bytes)
Hash
ae3be075920a0f6383941a562ca1d463
f69e0cf75305a350af184bfb68c8a76a4e04241b
a9689c4c62542817e9915a50df62020a909a63b566cd09af80f42bd5d427b33d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/sass/base/animation/animation.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8b6GBmB3Kegx9ey5A2Hbvawi%2BKtV8ewNvneUCcAZyPGy4tIaPP73iESkDfps7eXzTKCzpgMMNWhKrlSMSvpjW2ptqecQ5X%2Bqv2i45MebRi57DoE5Cx7m2XL2QENGu%2FstYfneXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a17b2356c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/assets/sass/index.css?v=cac22025232-20240427

188.114.97.1

200 OK

218 kB

URL GET HTTP/3
www.rosequake.com/static/assets/sass/index.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (4799), with CRLF line terminators
Size
218 kB (218493 bytes)
Hash
3443516bacfaa66ae391b88d88e33e6f
37d95a74b0cec5732515056a2c9dae72a838f413
cad23b2d2a92fec9b54dcecf79459459a4d7bc4539bcb8c00b334bb319249038

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/sass/index.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sat, 14 Oct 2023 18:20:10 GMT
etag: W/"029ee10cbfed91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wu7uk2O4j%2BLNjj63ZS%2BJhqZ%2FBedaWMKQSfaIYlSyGnf1RUrIbYWP1osQ2dMHK0sXd%2FGMs6j6Ik5Szqe8frbx1Urt5zT0TLi6xdpJsOFDclpBQydZcSZ%2FTSu%2FxaWyArLOtYKEEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a16b1656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/0bdfb387111342c9f79a5ed0a000e259_600x.gif

104.19.235.103

200 OK

112 kB

URL GET HTTP/2
img.staticdj.com/0bdfb387111342c9f79a5ed0a000e259_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
112 kB (112056 bytes)
Hash
8e61e01c5c384a45493c35b8b67f25db
ba74d4f3df6bb2c7f2d99bb5c4d3867f62588ea2
19be3c58378444aefd764cf358a68d5b91291c46a4e98f1bb1d04bc8d6a8f25e

HTTP Headers

GET /0bdfb387111342c9f79a5ed0a000e259_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 112056
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=155876
content-disposition: inline; filename="0bdfb387111342c9f79a5ed0a000e259_600x.webp"
request-id: 549646a7-189d-4877-9b90-150cfb5bf043
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Jan 2024 08:06:01 GMT
cf-cache-status: HIT
age: 4958774
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7xI90jx5KvCSUErrFNfYxzYyfZVTFq9%2F%2F8tjoqmK0%2F7gM3PWCJzTGm6VAxTBWCXg5fnF6VRQ4QWMBh4FF9hscuXjck7263hK5IoTmXXs9l9P5dOpZ7JI9lCXOmPkQIlpxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=33.999920
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4486eb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/static/lib/jquery/jquery.min.js?v=cac22025232-20240427

188.114.97.1

200 OK

166 kB

URL GET HTTP/3
www.rosequake.com/static/lib/jquery/jquery.min.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators
Size
166 kB (166174 bytes)
Hash
3e4bb227fb55271bfe9c9d4a09147bd8
156837f75f6600ccb602b4efcbd393636c33f35e
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/jquery/jquery.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:42 GMT
etag: W/"0858e306db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4G0hicMTcgvnIvQ9UlGuftRZkvaOBqX2pBwYYLKh75Xub14Cn%2B6t1NBiRBjLgnAZ4ObwdDFo0canxX6TftFVvuw1FluDgKFYP9SYaKNBmzu%2B%2FhcxFMnJQ9nE59zo2mROMotyIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a19b6f56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/assets/sass/base/product/component-product.css?v=cac22025232-20240427

188.114.97.1

200 OK

158 kB

URL GET HTTP/3
www.rosequake.com/static/assets/sass/base/product/component-product.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (39193), with no line terminators
Size
158 kB (158292 bytes)
Hash
1044c3cef197bf3574a60b7f321c86f5
be9c4ea7b19a183eec748eae25808d6e1d4b7289
c236d51685d99df1c5646a27f259badae7c284190dcff88487a6e63ff89578b2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/sass/base/product/component-product.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISQa1MjRnWEW3rSadwW0FejbMYvT5PwaqBw%2F6fkSSQGVGrymIZBgF1P3LzpTgtkzpZWeTJJRqQOxPZWntPSkHl6OR%2FFLd1bU0zfhssXIqQxcGuarXX63hmBaEVi9aGyb4iFNsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a17b2b56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/assets/sass/popup/popup.css?v=cac22025232-20240427

188.114.97.1

200 OK

262 kB

URL GET HTTP/3
www.rosequake.com/static/assets/sass/popup/popup.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (10522), with CRLF line terminators
Size
262 kB (262042 bytes)
Hash
482bbe70e21e778f2c511a467d994090
5ac17271181cc9bb17adc708b7645208b11c532f
ada0ffd438f67248313dce1f0f7e7c391e48d0f1089a06900892f827b721dc17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/sass/popup/popup.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sat, 28 Oct 2023 21:20:33 GMT
etag: W/"8066b995e49da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A95e1D5z%2Bbddm3xruB1pDFW8NEKvDkP%2BP%2B0vIlOmAh5%2Fv5o5sU0bmtu4aoXWJH65w20DKQm6J0MP%2FMaicgD%2FUlfU0t5z7tf3BvVL7DLPk%2BhhYu40B0cd2mLztZ8CmBq6i8wqkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a17b3456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/theme.css?v=cac22025232-20240427

188.114.97.1

200 OK

0 B

URL GET HTTP/3
www.rosequake.com/theme.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: text/css
content-length: 0
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAi%2FGc6cAFBDyUR1zsdkR75U02hHeEF1TWyJstDSXYHz6mSg4rGYOZgNuiGzw22%2FpVmGg5MyXNN1OkSxFO4dfD9N7KOzbFViQ0JHUC8d4Huj%2BTdO68%2FEjpaVVIT6QOLBUKVd3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a24c6756c4-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/8c6a27ad6c0d760d145addd96253ebaa_600x.png

104.19.235.103

200 OK

204 kB

URL GET HTTP/2
img.staticdj.com/8c6a27ad6c0d760d145addd96253ebaa_600x.png
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
204 kB (204004 bytes)
Hash
79466905c32ff2a6d0c347b5e9515642
aa715ae401bdbc2e5778f3edc476b6438ffdba98
d62d135e95ca264042e19e4f9b50a106879d046a403e34847a13c4911d2f3a63

HTTP Headers

GET /8c6a27ad6c0d760d145addd96253ebaa_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 204004
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=375970
content-disposition: inline; filename="8c6a27ad6c0d760d145addd96253ebaa_600x.webp"
expires: Thu, 11 Apr 2024 23:25:02 GMT
request-id: 9b4c627f-8025-435f-a73f-81a840b575bd
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 9b4c627f-8025-435f-a73f-81a840b575bd
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 22:25:02 GMT
cf-cache-status: HIT
age: 1072530
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2BnAtsaBAwEvEFlzhHtzpg8gOcj%2FQdeLGFngGbQVa4Pq4ZwHs76bxCeSu4JlYeucAagW0ie1I2xB6NW8kdIZmh5TnrE%2F1BuFnoOMZGLummH1C1tQpcQ6MgOllx7Z9YOPp20%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=84.999800
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4486cb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/images/loading4.gif

188.114.97.1

200 OK

6.6 kB

URL GET HTTP/3
www.rosequake.com/images/loading4.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
GIF image data, version 89a, 60 x 60
Size
6.6 kB (6581 bytes)
Hash
ee3e67267342c680d45aa26e7a766e0a
456c0413f2d2d7b41218ecc02207c05c31ab4737
ddaf92bbcc4785ceb3b77454898fae6603a82a75ff1b646dd8c387e9bbeb9922

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/loading4.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: image/gif
content-length: 6581
last-modified: Wed, 13 May 2015 02:06:07 GMT
etag: "7c219c5f218dd01:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANazlqPtlQn8xZVIczgnxg0bLm22HarNwFWLDQ3j4d%2FPZgcEaORn5%2FuPRP9i1UKHTqEvwRM5gFbxcogN%2BxjEWARQ4EoSwXNctl0ysqdAyQnr6QaUG0HOzwZ1SaT6RX0z%2BqHbTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a9fca456c4-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/assets/js/theme.js?v=cac22025232-20240427

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
www.rosequake.com/static/assets/js/theme.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
13 kB (12687 bytes)
Hash
c5469e9f0e448739e77e540bd0f1d8f5
8527e3f640254d4b9c23d5cc4f9cb205298eec58
dbabd00d3fa2893d1bef0085bc67ddb5624e3cfd72064d07f4b67bd63a011ba0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/js/theme.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2024 22:04:51 GMT
etag: W/"80c34d25496fda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucbNPx%2B0KC2zoru3hg35PYnttmzDWoDdiJJZjpO9ziWCKmQFmDciLjTdv4Do9eCphezFFzjwdVg1yXAIE8BJm%2FrSAOlui45sAep6IEk0T9f%2BGOcAo1mSdrleSKunRaL7bzgs8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a9fca956c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.106

200 OK

5.5 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
5.5 kB (5514 bytes)
Hash
f7e1a96ecc17bb8274fbcbe020e61eb4
ddd26febbc0abdb2e90ce871e1d0ea63bb5c6dc0
8d1b7c6ff71876bc5843116e8b9204d3aed8c4870f4fc8350dfbbb1e39362623

HTTP Headers

GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 20:54:20 GMT
date: Fri, 26 Apr 2024 20:54:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac22025232-20240427

188.114.97.1

200 OK

19 kB

URL GET HTTP/3
www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (37264)
Size
19 kB (18623 bytes)
Hash
b74c18de0056ed87c5e712eb21074f98
fc1fa797cac8bb89a1416aa2662b2cd74d851d60
4502cf3c096b98c6ed963242ce158fce517d3afd00982d2a8daddce91f30375a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: application/javascript
last-modified: Tue, 05 Apr 2022 21:33:12 GMT
etag: W/"05c40c03449d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2B9ql43yBd2opaWlkr6G5xeHwI3Pw%2Bq4DjfcTLMY%2FcGwUJRb3m8aFEyPpH6JoBSlF7Aix2RpZNNOSPGYEN7HgwB7tcfAqjvCL8LNi4IsesVdF5y5x17uNfwqwWq8vX2JRFsidw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a9fcb056c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

we.chatsoftly.com/js/im_load.js

172.67.194.34

200 OK

10 kB

URL GET HTTP/2
we.chatsoftly.com/js/im_load.js
IP
172.67.194.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerLet's Encrypt
Subjectchatsoftly.com
FingerprintB5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5
ValidityWed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
10 kB (10113 bytes)
Hash
cc1080d492f422ebfdcc091aa525580d
249685a9d4bec1dd1c3f7761254ef9d23265fad4
9c4416858603f97c66642e57c2a727280558f897be9cd9e52bee4e631ad48671

HTTP Headers

GET /js/im_load.js HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: application/javascript
last-modified: Wed, 13 Sep 2023 15:41:56 GMT
etag: W/"07a42d358e6d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=reBamseatjDagbTwLqCuVsk9fDTPsdZoQRnMP0PQIDAFodoISNDbBfY2Obbaem8kUvk7bF4mpfRZlKyZSvhxDs5itR%2Bf9M7mnQ0Cc73%2BqowcvMfuGfVXiG0997tslk%2BmzoFyZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977aa581256a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/images/bg.png

188.114.97.1

200 OK

90 kB

URL GET HTTP/3
www.rosequake.com/images/bg.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
PNG image data, 750 x 900, 8-bit/color RGBA, non-interlaced
Size
90 kB (89690 bytes)
Hash
ccf77e016e248189f1010ef460854b41
ba7980d6188a7581acc6e8e38c7bb3d3377af87b
58eab8be48f2cdd0eff40a5c8834dee3df3295020cc35104611ea2d0346357f9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/bg.png HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: image/png
content-length: 89690
last-modified: Mon, 16 Oct 2023 18:33:27 GMT
etag: "82b653415f0da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40%2Bf03fwNHfuop0PNe6yqEPMsjgyUOCukZ0whcvnZSQLNEO1qYxO3IxnYK2LzrIDjEF4lUhM1bT9kOndLT1qvVS0TVCE3joprUup5imNvyr%2BSuT5NKpFFaEZDzEYcc7vrgMmBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977acbfb956c4-OSL
alt-svc: h3=":443"; ma=86400

global.akating.com/Images/country_list_bg.png?v=d

104.21.11.35

200 OK

73 kB

URL GET HTTP/3
global.akating.com/Images/country_list_bg.png?v=d
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
PNG image data, 20 x 5477, 8-bit/color RGBA, non-interlaced
Size
73 kB (72595 bytes)
Hash
6c82c39a53d564744f41787731157fe9
c1ed91eb19f49725887d7b8b5d72607500744b5a
0584c02871ac6487ab8a93f4d6a5c1d1b8100061d7485cae1de3e7dcab8ad347

HTTP Headers

GET /Images/country_list_bg.png?v=d HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://global.akating.com/files/css/countryFlag_s.css?v=cac22025232-20240427
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: image/png
content-length: 72595
last-modified: Sun, 03 Jul 2022 14:09:02 GMT
etag: "0d36072e68ed81:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FvWkvrWJyBmqrwMAt24196mrDKEOXR2RwlQkaWZm35ovllMaVKuIY9U%2BL72df3zsjB2I7m6dVLloJg6hpQplGg%2FmAOonBT4OwkAlPt6aMjZfBSs5NwIcIjetN2cujsukOuYup4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977acbf205694-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/Images/country_list.png?v=dw11211221

188.114.97.1

200 OK

151 kB

URL GET HTTP/3
www.rosequake.com/Images/country_list.png?v=dw11211221
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
PNG image data, 48 x 9428, 8-bit/color RGBA, non-interlaced
Size
151 kB (151317 bytes)
Hash
161094bc7dd657d7e721cb097797d48b
46239a5b5d7a4c0c0139e75389356d9a72cc0928
6f97ccec9e464f5cf66d78ad6713a62bb949d02ec98ba7fa4cfcf4587dae7ae5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Images/country_list.png?v=dw11211221 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/css/country-flag.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: image/png
content-length: 151317
last-modified: Fri, 04 Aug 2023 21:08:11 GMT
etag: "fe4e7dc617c7d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hSHECLDh9NMB4%2FIZDosi2upSMgVND5FoSJjsG%2FR3wnC2uF3%2F3p8Gi%2F3GlR9klYbXnmhjcxjgl%2FwT9F%2FOV2UFYREpAk4zMvi1EvUwafNyRmUIKsVUWWLXAWrNNCbQ22oEOT%2FULg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977acbfcc56c4-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/loading.gif

188.114.97.1

200 OK

781 B

URL GET HTTP/3
www.rosequake.com/images/loading.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
GIF image data, version 89a, 16 x 16
Size
781 B (781 bytes)
Hash
21ab0717cf57aea00e222e6570678b35
d76c0624c7598ffa603475a1ece2ba4e18355879
82d0c69a839a750eeb6bd5d94b7a94ab87b006924e97479ce8c55dc13b39ee11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/loading.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: image/gif
content-length: 781
last-modified: Wed, 13 May 2015 02:03:29 GMT
etag: "c16ee41218dd01:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Edijb9gNWucav5OZa6gf5kJNM7XUnXPLF80ofKRXzUprKLXznNEqt16JxfqHXOoDNq24Bf0FW0U0xywIFyfU5cqsy4BE0E5GBRaxjrhLd1ZDGvB2GCGfvSFgfoQGFT050bpBRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977acbfce56c4-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c

142.250.74.168

200 OK

100 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
100 kB (100495 bytes)
Hash
ac74ef9c101add7f2511db4ec05a2348
ebb4423f4cc725ffc2eda07934edd50f8ee98503
28599a49851b73cf7f213aada728ac39c7bf68925de2fe36df01adef1aca3f86

HTTP Headers

GET /gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 20:54:20 GMT
expires: Fri, 26 Apr 2024 20:54:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100495
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:54:37 GMT
expires: Sat, 26 Apr 2025 05:54:37 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 53984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.227

200 OK

7.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 03:25:26 GMT
expires: Wed, 23 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 322135
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:53:26 GMT
expires: Sat, 26 Apr 2025 05:53:26 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 54055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.rosequake.com/js/layer.mobile/need/layer.css?v=cac22025232-20240427

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
www.rosequake.com/js/layer.mobile/need/layer.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (5260), with no line terminators
Size
11 kB (11148 bytes)
Hash
633915e62d14a714594b95b974ee0836
e11ebb64a70272c4f35b92fea064f27c4b87efad
eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/layer.mobile/need/layer.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Fri, 26 Aug 2016 09:35:36 GMT
etag: W/"024e0327dffd11:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUqeql845e3yoigOAzGVm%2Bn2pH1TzC1RXoDWaaA2DTKpKGJQQpvFbVq4k1%2BLsp0tIGowO8%2BSV9PMGU%2FSAJKRInFrq3dzkjpBUjVJ2MztWa8gonTIAMjh%2BwxURkTTlvG5emZXSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a21c1956c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:53:15 GMT
expires: Sat, 26 Apr 2025 05:53:15 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 54066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.rosequake.com/css/iconfont/iconfont.woff2?t=1657020896111

188.114.97.1

200 OK

38 kB

URL GET HTTP/3
www.rosequake.com/css/iconfont/iconfont.woff2?t=1657020896111
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 37788, version 1.0
Size
38 kB (37788 bytes)
Hash
fda53bb64e7c76c9fd7a3feece87baf9
85ea2d508fa5da02d79f393b5779d61e1f3e0d46
868fa7e9273b2874aaa642ace965973f6ec2fba27d5da30211d42f299e54ea74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iconfont/iconfont.woff2?t=1657020896111 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: application/font-woff2
content-length: 37788
last-modified: Sun, 31 Jul 2022 07:35:49 GMT
etag: "80b86b27b0a4d81:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6335
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TTXcZQBnMdjH5UBosAXKZUor4sXoVPuT3P8y%2Bd%2FL8XYryhzRmyCLPgQnVAW1e9vHNi9eyBlsS%2Fv7zxg01tSY%2FFxEw0NN3cvTQgv1JT5txKxohN7popOVu4EVtH%2BkBsllrxMX5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977ae090d56c4-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/image/loading-0.gif

188.114.97.1

200 OK

5.8 kB

URL GET HTTP/3
www.rosequake.com/static/image/loading-0.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
GIF image data, version 89a, 60 x 24
Size
5.8 kB (5793 bytes)
Hash
a72011ccdc2bcd23ba440f104c416193
ba81388bbac5bc223f94489b97a95a13f3c78e47
07236f6814a40623bab43f2043860c97678bc7deedbf06feff92f0d6e6673bf5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/image/loading-0.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/gif
content-length: 5793
last-modified: Tue, 05 Dec 2017 03:57:25 GMT
etag: "5ac952297d6dd31:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFSvp0Guulvj1a%2FCnRmONK6XDZLb0TcKJm9SC0Zxu%2Fe1j11sHDu1L0gBVHMR3oYn0Pl5P%2Bu7M8aBrHMfRwlNBvyvjxRjuHMNwCjwY8i8AkXyfL8jjm28HbgC%2BYU4Df3rBsYFBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977ae191156c4-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac22025232-20240427

188.114.97.1

200 OK

19 kB

URL GET HTTP/3
www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (32019), with CRLF line terminators
Size
19 kB (18819 bytes)
Hash
5fb7c19c9c51cfb99f5ff942629f0f21
14c7f59e73d2a99aa688c2443a9a9b24acbff43c
a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:48 GMT
etag: W/"0c22346db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxQtSmkbK476oGUO59Mx3aXhIzCSQ4k70oY%2FOPJe4qs7bkGaHld8tqiJmK6xZaB6oOwnU0cUJ19o5rU97z0hdC6SxP5fIaXG88sZVqzniUTo561hUZUWct%2BWtqvp6vmMw7ahSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a9fca756c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.shopify.com/videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4

23.227.60.200

206 Partial Content

3.2 MB

URL GET HTTP/2
cdn.shopify.com/videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4
IP
23.227.60.200:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerLet's Encrypt
Subjectcdn.shopify.com
Fingerprint34:CE:56:3A:83:8F:D8:06:E6:52:5C:6D:DE:D5:CD:92:EE:F0:79:DF
ValidityTue, 05 Mar 2024 12:27:42 GMT - Mon, 03 Jun 2024 12:27:41 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
3.2 MB (3205331 bytes)
Hash
fd5e187806b02991081a2c8489f00301
b645a0b0b6e16013fbb595ce978300c38c57da22
115e483747fd69f0c0258846c9ec198896819a2853d5367a789b00de108a60de

HTTP Headers

GET /videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: video/mp4
content-length: 3205331
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Access-Control-Allow-Origin
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 281143b7-4155-48b6-b2bf-cd9d30ba97d1-1709760439
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Wed, 06 Mar 2024 21:27:19 GMT
cf-cache-status: HIT
age: 2060870
content-range: bytes 0-3205330/3205331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mslYrg6a10GVigSeLnJaCNFvlsb1PitwqKiX7AbaUMz1jdUYDNmsdqq9GjhPKC%2F6mXENS%2B1L%2BpNLb0hsled9lmcHOnGkB8qkXTNDnJXxh%2FxRkVOnJbVM1UGv4spKPyoh6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=145.663, imageryFetch;dur=145.133, cfRequestDuration;dur=13.999939
server: cloudflare
cf-ray: 87a977aeca3856bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

188.114.97.1

302 Found

0 B

URL GET HTTP/3
www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 26 Apr 2024 20:54:21 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbbNQVt7K5fl9LnbvnAwIxk3o4ETmlN8u9s5NtZFRj6lpq9%2Fe%2BBGNEa6Nh%2BrkBLJtDMGybMOyqyo7TiWq%2BWREss%2FX7LT9KMaqX7kvDTZuFJfrwahFdQMwGy6AYR8PSwir6rrYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b04b5e56c4-OSL
alt-svc: h3=":443"; ma=86400

web.cbdcdn.com/file/2024/03/10/6af5f59f3be2493b978f6183f82438ab.jpg

104.21.15.17

200 OK

349 kB

URL GET HTTP/2
web.cbdcdn.com/file/2024/03/10/6af5f59f3be2493b978f6183f82438ab.jpg
IP
104.21.15.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerLet's Encrypt
Subjectcbdcdn.com
FingerprintBF:02:F6:35:4B:B4:AA:9C:11:18:17:94:E4:5F:36:DE:60:E1:F5:D0
ValiditySat, 06 Apr 2024 06:43:03 GMT - Fri, 05 Jul 2024 06:43:02 GMT

File type
JPEG image data, progressive, precision 8, 1920x667, components 3
Size
349 kB (348684 bytes)
Hash
b5bf33f28c5fa82e80a08995f1c53d71
6d153ffd7cb82c18d4a6494295bf0276ff67d6f5
3b35651386715db3ce846c2af57dbc88e9861691886944711b31bbe8e9880766

HTTP Headers

GET /file/2024/03/10/6af5f59f3be2493b978f6183f82438ab.jpg HTTP/1.1
Host: web.cbdcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/jpeg
content-length: 348684
x-oss-request-id: 65FE1F60F1151CBBDD422DC0
etag: "B5BF33F28C5FA82E80A08995F1C53D71"
last-modified: Sun, 10 Mar 2024 12:39:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2898822139854134682
x-oss-storage-class: Standard
content-md5: tb8z8oxfqC6AoImV8cU9cQ==
x-oss-server-time: 233
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fv5nzp567LzWdPO8u5AsaKzLYuxUkU%2BnEdlbOHeUl%2FaXlYFO43K324WjEI1C6GKLHOBLjLamm6vpYc6AudSC3i6LsWuEJmhbJdowuO2MAK5ynKlpNot%2BMhuOHU37xNzLJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977af3c990b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a9779c6dc856c4

188.114.97.1

200 OK

0 B

URL POST HTTP/3
www.rosequake.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a9779c6dc856c4
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a9779c6dc856c4 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12151
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA; path=/; expires=Sat, 26-Apr-25 20:54:21 GMT; domain=.rosequake.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cyYvqLxBYBF1xI9rJc5ZxRTE44jK0UtcjkV8mnHRXnjiWG2bxk%2BEYDDP9kgYLKtOADZkIvC%2FwyHue8kIZu%2FenyNhFVDXxddaOnYV0ku0qbBMNCKTaWQYHf0C5ye7RpY5oOBWjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b33e2d56c4-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/e33588be6cde09c48fb6e061a2688ebb_100x.gif

104.19.235.103

200 OK

3.8 kB

URL GET HTTP/3
img.staticdj.com/e33588be6cde09c48fb6e061a2688ebb_100x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.8 kB (3810 bytes)
Hash
2f02bb779ddb9bdb398e0fefdd465349
ba99cb7cb9caca4daac8c9da27a6a58a612cf742
fae85899b8b333f33bb0e5a15aea0948f15c27b4a2f8fdd53762ef3b037ff1a2

HTTP Headers

GET /e33588be6cde09c48fb6e061a2688ebb_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/webp
content-length: 3810
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=6119
content-disposition: inline; filename="e33588be6cde09c48fb6e061a2688ebb_100x.webp"
request-id: 27a6a0a7-3e31-4fb6-91b7-b2d73c05f98b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 22:51:43 GMT
cf-cache-status: HIT
age: 710347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E483jAgo0H9pd3Ao80y1T%2FAAVYWXBAvrxIk6dxCW6ssykTmRYHhA76xY8wpbgW3ps1jZQJ6NA4tF76Povqiv7zsKYaRQslSN9BadKbo2MuenaEQyx5A53wl3YnHp39wNlSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=21.999836
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b34ac2b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/45a2c95a69cd27a85ef342bf2daa3c00_100x.gif

104.19.235.103

200 OK

24 kB

URL GET HTTP/3
img.staticdj.com/45a2c95a69cd27a85ef342bf2daa3c00_100x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
24 kB (24518 bytes)
Hash
b015fe5843ec4ee5498184ac437d459f
0c4639d22722561f1d9497c59dc566045a8cdb11
a4a6cde65a86e5f12012f31a1e64b958244fc90395346fd43701a4385cfba28a

HTTP Headers

GET /45a2c95a69cd27a85ef342bf2daa3c00_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/webp
content-length: 24518
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=26770
content-disposition: inline; filename="45a2c95a69cd27a85ef342bf2daa3c00_100x.webp"
request-id: 162a42e8-c479-4617-a490-bf2e2c869789
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 12:51:34 GMT
cf-cache-status: HIT
age: 1328495
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=724QLm4XeMdDinCrzmDbFXmVfW1TAwN3RVKD%2F8Z8CloQhjH6v%2BoC2I6WttPAeSsmzkQPtE6diJ3riZM%2FGp%2Fo5nJGQDFuWkhpq7utNaUiKODdgbBTWH8n0ys6gZRpz5TK0%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b34ac3b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/bd2be3f97a8263d0c341798c28f90346_100x.gif

104.19.235.103

200 OK

3.5 kB

URL GET HTTP/3
img.staticdj.com/bd2be3f97a8263d0c341798c28f90346_100x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.5 kB (3460 bytes)
Hash
a54fff23d8193dcb16a5de6ecb236bf2
3eafc61d33c7ad871e5ef7ef10a9a9b69357e250
2b1217d010a990cb46e54c2fb7a92f872332a08b06aa807a2f69992d860580b5

HTTP Headers

GET /bd2be3f97a8263d0c341798c28f90346_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/webp
content-length: 3460
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=6844
content-disposition: inline; filename="bd2be3f97a8263d0c341798c28f90346_100x.webp"
request-id: 99328114-fabd-487a-93a0-19541baab3f3
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Apr 2024 11:35:33 GMT
cf-cache-status: HIT
age: 626325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=teD8uW22j5Su1KOfeSz5QDfb0tJqZzyfs0q3Bfi8NXR40OOM5d7xpFsswJUNkO%2FU6KRowSIZNc1gj%2FgPqT09CaaNQY%2F33QWNIdKakZDWhRH4JP9UVDVhggPaZpZdT6JfM7k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=30.999899
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b34ac4b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.fantaskycdn.com/75e2af75b44da5f6cd9c193aecb5a548_600x.jpg

104.18.21.211

200 OK

43 kB

URL GET HTTP/2
img.fantaskycdn.com/75e2af75b44da5f6cd9c193aecb5a548_600x.jpg
IP
104.18.21.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
43 kB (43186 bytes)
Hash
1d002d2cceb28edf9f4f802f7e448a21
ce2ef5c9c01a667fac09936fec61a6fe3b81cf0b
549619640a9ba26ec114ededd8af8772d1b554b7d584c3ea15bdd809861d75b9

HTTP Headers

GET /75e2af75b44da5f6cd9c193aecb5a548_600x.jpg HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 43186
cache-control: public, max-age=31557600
content-disposition: inline; filename="75e2af75b44da5f6cd9c193aecb5a548.webp"
expires: Sun, 27 Apr 2025 02:54:22 GMT
request-id: 103ec4cd-2ec2-4f15-a3ed-a542425bd3a2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 103ec4cd-2ec2-4f15-a3ed-a542425bd3a2
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:34:41 GMT
cf-cache-status: HIT
age: 710348
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b3bd6a0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/js/video-js.min.css

188.114.97.1

200 OK

60 kB

URL GET HTTP/3
www.rosequake.com/js/video-js.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (45950), with no line terminators
Size
60 kB (60502 bytes)
Hash
fbc92259a04709e2f8a10960e574e5fc
c03562e5c2c407426076f7f844f0c634631ea0f0
48876176ecb5cf6cdb8e7d91c8d63b89f6bc3fa8fb4b67a595c0a59940a433a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/video-js.min.css HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Thu, 26 Oct 2023 05:20:16 GMT
etag: W/"50afb71acc7da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6IgsVj99PrBh97vXeN7UVnkEEGY9snQVdSgqS3Q9uOjaOlIhDURanrVX08y5NgC9mjh7FgZPoPW2b58arB4qd1nlNSjU3qo%2BwrzCDcoYdswWbVG8Z2MjSZzUUN17TZZL5isPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a24c5c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/3767a66f878a8bb251fec712221a2809.png

104.19.235.103

200 OK

80 kB

URL GET HTTP/3
img.staticdj.com/3767a66f878a8bb251fec712221a2809.png
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
80 kB (80406 bytes)
Hash
3c450f4f2e8970abb3da014e75c849b4
5778751906436229db18ac23694ee0269b2e9934
e534cf17aecbc3189015e7a225aa82c83be16b57036dc09ece578147ed1b9705

HTTP Headers

GET /3767a66f878a8bb251fec712221a2809.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 80406
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=128110
content-disposition: inline; filename="3767a66f878a8bb251fec712221a2809.webp"
request-id: 0763fafa-6c70-4e57-b825-e1dd52692035
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Feb 2024 17:08:26 GMT
cf-cache-status: HIT
age: 4958777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cnMnR%2BiOj8Csa8WPxcG80wXheoe%2FELOgD0HMdx%2BVBStCjVV%2FPuiC2vnv1895X8gxSAxBvtqFrMLAmaWyDTi%2FgC2Ki4SGRCJYGeV%2FrCRUcaWNa%2FvzNDskt1id6%2BiwlEhaxx0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.000095
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b38af5b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.fantaskycdn.com/f20d99174929d59cbc89e47591902b55.png

104.18.21.211

200 OK

36 kB

URL GET HTTP/2
img.fantaskycdn.com/f20d99174929d59cbc89e47591902b55.png
IP
104.18.21.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
36 kB (35982 bytes)
Hash
607ffd7b5013c25d42ae88442a285ec5
bd682fa1ef03f611bf846baecf1851acfb9fbbd8
adcbd1fbce6030fca678f1ffa9a9e04f2a687cc463bd7387b86421e82d53420c

HTTP Headers

GET /f20d99174929d59cbc89e47591902b55.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 35982
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=84309
content-disposition: inline; filename="f20d99174929d59cbc89e47591902b55.webp"
request-id: 3af69a90-131b-4225-af87-6082240606b3
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Feb 2024 08:49:22 GMT
cf-cache-status: HIT
age: 4958776
expires: Sun, 27 Apr 2025 02:54:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b3ed950b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/b87aac99bbd03a02888546a08d17b466.png

104.19.235.103

200 OK

69 kB

URL GET HTTP/3
img.staticdj.com/b87aac99bbd03a02888546a08d17b466.png
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
69 kB (69166 bytes)
Hash
59bdb4af411d24221dce1bbf4ca6f3c1
f6fdb8d63aa229a804cb2fe6a4854fa65ea445a3
5a495e6dde820a0f44a974b9986ecdf51626af58b151bd876f76734b63dd933d

HTTP Headers

GET /b87aac99bbd03a02888546a08d17b466.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 69166
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=117635
content-disposition: inline; filename="b87aac99bbd03a02888546a08d17b466.webp"
request-id: cfdf9f0a-909e-4f03-9d79-18ad9fc94ff2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Feb 2024 07:18:12 GMT
cf-cache-status: HIT
age: 4958778
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MW4%2BwRzrLTF%2F6kx0UGC3b92vlIkXfbXFYhOiUeizSyzh7gu4yAlOrzTx5A4aCe29u%2BXcnC4PBbf9CCWlVhQKQkD8Ea%2F6ctnSODTJN5UZUNiZBOKVBuCyms3HwoZTLx%2F0Hk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=32.000065
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b39afeb4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/c80e7270b6c98dd3e322f70f9a74991e.png

104.19.235.103

200 OK

49 kB

URL GET HTTP/3
img.staticdj.com/c80e7270b6c98dd3e322f70f9a74991e.png
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
49 kB (48948 bytes)
Hash
e27f5f615b5930b51a047d2b0d592000
95c81f53184a61065aece44baaed693a161c39ad
9e45ed2d61fb56cd6e8f178566a794554355408531319f566b78e86fc93d213d

HTTP Headers

GET /c80e7270b6c98dd3e322f70f9a74991e.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 48948
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=83317
content-disposition: inline; filename="c80e7270b6c98dd3e322f70f9a74991e.webp"
request-id: 12589264-0535-4c27-8114-f9699de3d2f2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Mar 2024 20:29:12 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4CV6iv%2F7qFSZG0UDVM0MQ2TYEQ2vnDx1DkOUVQTqxvk9eiCBzXqeNH4%2B7KimODidsxt4CcAkWq9XeYxgPJm9B7dK07E0PDSQ2LFvrAFvuu3OeS6LQxVX1NMio9YOfLq%2B0GM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=28.000116
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b39b03b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.fantaskycdn.com/d7d3c1935ec493796e9ea29c1c72fa35.png

104.18.21.211

200 OK

36 kB

URL GET HTTP/2
img.fantaskycdn.com/d7d3c1935ec493796e9ea29c1c72fa35.png
IP
104.18.21.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
36 kB (36064 bytes)
Hash
15fba0b1d6e41d214d7ab9031a2516a1
260d5b5e284d6e69f2b774c298d7a9eb6044fa3a
67722342495e164a8f4eeb967474d8f1a56e21b5aa2012af6d9a7ee904bf8a42

HTTP Headers

GET /d7d3c1935ec493796e9ea29c1c72fa35.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 36064
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=78274
content-disposition: inline; filename="d7d3c1935ec493796e9ea29c1c72fa35.webp"
request-id: a2280487-077a-43e8-b5d7-f5471b674033
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 21:36:52 GMT
cf-cache-status: HIT
age: 626326
expires: Sun, 27 Apr 2025 02:54:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b3fda60b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/static/lib/bootstrap/bootstrap-grid.min.css?v=cac22025232-20240427

188.114.97.1

200 OK

241 kB

URL GET HTTP/3
www.rosequake.com/static/lib/bootstrap/bootstrap-grid.min.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with CRLF line terminators
Size
241 kB (240974 bytes)
Hash
7dbc3c16a7a1e0d4941608290b1cb218
d9fcde029ae22c446ced020bd143bc4c47eb7d9c
871f218ccbc29aea08acee4ff6164888af936d0b6f604c1658e3b19094660e9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/bootstrap/bootstrap-grid.min.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BUbdehoZEu6M5Q8Ze6iMfeFzebMiGxiKizSG7rhRcHdWashfWjBjcPL6xWJypKkPZJ9j2yqM21kwlg2Q2mkqhnlwFCalcP5mrqGaBOW8iZ1O8YYieIYf0pQDd92r4iicvehAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a15b0e56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/ajax/index.aspx?action=UserInfo

188.114.97.1

200 OK

15 B

URL GET HTTP/3
www.rosequake.com/ajax/index.aspx?action=UserInfo
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JSON text data
Size
15 B (15 bytes)
Hash
00d746e4b7a743d7815f126764dbf5c0
46247b4f29333cdfdf067dc2c5d449fffab7f77c
786a593906565372853a05afa202cc6228dd70e479befba3096965a06682529a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/index.aspx?action=UserInfo HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: application/json; charset=utf-8
content-length: 15
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ffYlaqxIo3JG1rMr67j4ihtRj0Dh7ynMiU7I6VhDAXCxZz1EKQAxg5nQGuaNhWo6aCrH2Wg275O8I4wIIteNeAUSeRfXMrTbByEF7ujlObs44fVqGNqU5i%2Bw02rUv%2BpK2Qg8wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b34e3d56c4-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/2374bf3561a464876edb3bc32113e8c2.png

104.19.235.103

200 OK

105 kB

URL GET HTTP/3
img.staticdj.com/2374bf3561a464876edb3bc32113e8c2.png
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
105 kB (105384 bytes)
Hash
b8a9a8b11cfa4355c2bd061448263df7
f6973877a03918c6370afba48675782b124a35b2
27f93e215aaf90d8d6a44707b508dd79356b3f291d7ec1b0a11799a9f2c2c650

HTTP Headers

GET /2374bf3561a464876edb3bc32113e8c2.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 105384
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=135462
content-disposition: inline; filename="2374bf3561a464876edb3bc32113e8c2.webp"
request-id: e60920f5-bb2f-42bb-b2cb-bddb5ba7c591
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:37 GMT
cf-cache-status: HIT
age: 3583459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwbBQGAibDbBiNE393DhYyAMfVNLuDFZaF12EKKtBxoR6O3Nv9qJErKnNrx7Ujn2kPNcAb%2BNkBWJ%2FHcDdOXdih395Id8PiQltnTMJSKdduZLD4sKPabvEg%2ByRWgeVOCjcKY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=21.000147
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b39b04b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.fantaskycdn.com/13ed9a20da4686310481089ced22245c_600x.JPG

104.18.21.211

200 OK

98 kB

URL GET HTTP/2
img.fantaskycdn.com/13ed9a20da4686310481089ced22245c_600x.JPG
IP
104.18.21.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 600x1059, components 3
Size
98 kB (98074 bytes)
Hash
b9ad1f4b7fb9840363a9b893856d6a28
aa28392d4f8c3dfa7fa459ea34152c0d53f05dcd
d8e9545e688f68cca472e98e8b61042f122feb10e4b4900e1a4f5f357048ae41

HTTP Headers

GET /13ed9a20da4686310481089ced22245c_600x.JPG HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/jpeg
content-length: 98074
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=98176
content-disposition: inline; filename="13ed9a20da4686310481089ced22245c.jpg"
expires: Sun, 27 Apr 2025 02:54:22 GMT
request-id: 176dab8e-88d1-418d-89d4-5e7f2db14a2b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 176dab8e-88d1-418d-89d4-5e7f2db14a2b
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 14:24:27 GMT
cf-cache-status: HIT
age: 626326
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b40db40b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

global.akating.com/static/images/country/RU.png

104.21.11.35

200 OK

339 B

URL GET HTTP/3
global.akating.com/static/images/country/RU.png
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
PNG image data, 120 x 80, 8-bit/color RGBA, non-interlaced
Size
339 B (339 bytes)
Hash
793e22ff1f1919260bf5dfbfa4f49536
380584aaae3e07373545f567609e2dd3b0da1399
3155f1bcf967e2d240cdf21dab23ed98c92c2a4e9b77ccf3dbe9418c3ba053ca

HTTP Headers

GET /static/images/country/RU.png HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/png
content-length: 339
last-modified: Sat, 16 May 2020 04:28:08 GMT
etag: "8ed0c2663a2bd61:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXEKnilxWOQPUZGRq7tpx%2FD9Xj3A8IEElyCfnx1kDtqJQU3lLk3fGKuraOAcXPujFxpWZNBk66x73kfuE8MasXQK8I3clGQc%2BxxyBuZwqbGPq5QwEJ%2BmLWrYoPAlikXBKIt4n2k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b638dc5694-OSL
alt-svc: h3=":443"; ma=86400

global.akating.com/static/images/country/GB.png

104.21.11.35

200 OK

1.7 kB

URL GET HTTP/3
global.akating.com/static/images/country/GB.png
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
PNG image data, 120 x 80, 8-bit/color RGBA, non-interlaced
Size
1.7 kB (1674 bytes)
Hash
7395045bdbb57b20e5aa639f1ab3c0f7
4b26239d94e6e14a41bc7cec5d7f2064ecbb3e47
78516cab66e3a8dfa9b964b4c397fecd1ccd9d6b7322380d1bc39760c0f43e1a

HTTP Headers

GET /static/images/country/GB.png HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/png
content-length: 1674
last-modified: Sat, 16 May 2020 04:28:12 GMT
etag: "9e97ce683a2bd61:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dgen3Nas9IwfVxK8xfjzyLKASmFrp1nMZjyV0mq66y36qEzntANl%2FzkiUpGasv8LERQchkr0Y9hkwJTaGiAaIxFwg9MHQ18xljMGCikGHxF%2FejUy0K80VQIYC45A%2FxBzXAcEvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b648f95694-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/f8e07c16204b3275d317716ba745c3cb_100x.jpeg

104.19.235.103

200 OK

3.9 kB

URL GET HTTP/3
img.staticdj.com/f8e07c16204b3275d317716ba745c3cb_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.9 kB (3870 bytes)
Hash
e152e1ef0f56a2cdcc94c35f82e65e39
2799d8ae9f98950cbb9b483b008c00cca0261f1a
6a24447bb7aeac36ea1f562d25991e8391ff58f622522da6c967a7c903bbb497

HTTP Headers

GET /f8e07c16204b3275d317716ba745c3cb_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3870
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="f8e07c16204b3275d317716ba745c3cb.webp"
expires: Wed, 06 Mar 2024 20:06:11 GMT
request-id: 08561db1-25ba-4ce8-aa0e-dd4306916683
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 08561db1-25ba-4ce8-aa0e-dd4306916683
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:06:11 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLz46bjM9XowhKOLImUXhMbSMvqZkm1pBaHGF28gLe%2BBAxF5R45VCTSfATg2v1Yh7WDzONtIYMsHx%2B7hmSNX07MQl2UcPVfkgyP8zuV9WmZUKj0v%2Bg0eJhj5AR6r6xHGKSE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.000168
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b63dd6b4f1-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/Apis/Reviews.aspx?pageSize=8&pageIndex=1

188.114.97.1

200 OK

7.6 kB

URL GET HTTP/3
www.rosequake.com/Apis/Reviews.aspx?pageSize=8&pageIndex=1
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JSON text data
Size
7.6 kB (7633 bytes)
Hash
b78649165192b13a47ed346f880ec210
54341ed793694d7f0710344d91bee65e18c8118c
7aff79a2c12432917c9853e4480e1fc2dfa328e1b24a24ed6f1d9350569d67f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Apis/Reviews.aspx?pageSize=8&pageIndex=1 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: application/json; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZV7lxFf%2FvbOsxU0nj9R%2BD3atC2Y7uQZhic%2Bf%2Fnfaui3%2Fgc0GFqIpK4OChs%2B8u%2FM1I%2F3XCYcTeG6PBSxp0Fb64aU8JjGZ6tj7OxbNxHYHYGvZ6fUx%2FcQBWgEGxPT8FQqzp5ZQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b3be9056c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

global.akating.com/static/images/country/US.png

104.21.11.35

200 OK

1.7 kB

URL GET HTTP/3
global.akating.com/static/images/country/US.png
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
PNG image data, 120 x 80, 8-bit/color RGBA, non-interlaced
Size
1.7 kB (1662 bytes)
Hash
8d4c6abfb5a2710d832c9ccefe0aee40
fdb1f9fe27953b701fbd8c37b201c99e33910d77
4a22c5ebceef499edbb389f78c5d81fd3b1fcb43528adf5fb00fc40e2d9205bc

HTTP Headers

GET /static/images/country/US.png HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/png
content-length: 1662
last-modified: Sat, 16 May 2020 04:28:09 GMT
etag: "2afc4673a2bd61:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VeaZvL0rjIEDQdugvHXsiA%2FFdG5z0%2B2qc%2Bxeh%2Fx%2FXrBvWU45i%2B2scmETZs4p3Ru0nT%2B2HT0yNlewa87qVMYWrnnYxjHYL4ttmcIkl37UjUhLTlZYN5kNdX5uRrtHfduVXwBLFos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b6590d5694-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/859b076550ebcc4204818a464b0e76d1_100x.jpeg

104.19.235.103

200 OK

5.0 kB

URL GET HTTP/3
img.staticdj.com/859b076550ebcc4204818a464b0e76d1_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.0 kB (5026 bytes)
Hash
fe7359946541eae7f72fc32fb9a8647e
9a842bc5c44da6841d3de24a2bc4f3eb59d0fb11
251cb6002ca819e00a40ee07169c137d113f6eea202dcd480cf3d463d9ec5f7d

HTTP Headers

GET /859b076550ebcc4204818a464b0e76d1_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5026
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="859b076550ebcc4204818a464b0e76d1.webp"
expires: Fri, 08 Mar 2024 06:51:30 GMT
request-id: 8d3d0442-ee35-4251-8a02-9d12f670b57a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8d3d0442-ee35-4251-8a02-9d12f670b57a
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:51:30 GMT
cf-cache-status: HIT
age: 3583459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHbfRVHCbkQIxWr%2FLuPiJRO6U7YxvYc5rGfmWvI4pizNHrszCqaCWtxNB1Ww1oJDxlP2knQi8Cjx907RDPWI1JkeLcvsNDKt7eSSxWQvDTlb8rPSL1tVzdmL9tsuf2TUvR4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64de1b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/d4a340ce46744f358a4d324fe7dffc27_100x.jpeg

104.19.235.103

200 OK

4.0 kB

URL GET HTTP/3
img.staticdj.com/d4a340ce46744f358a4d324fe7dffc27_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.0 kB (3998 bytes)
Hash
1d1cc3259f964e63a095acd3d0d2d3fc
ad510ac4bbed99617c82f067b4ca0319c2dc792a
d7f6a4632b5fdd255e7360c4dba402fab4a87ee8ec97afe519872eda47937065

HTTP Headers

GET /d4a340ce46744f358a4d324fe7dffc27_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3998
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="d4a340ce46744f358a4d324fe7dffc27.webp"
expires: Wed, 10 Apr 2024 15:24:27 GMT
request-id: 48869618-ef5b-41ce-abb6-04bf991914bb
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 48869618-ef5b-41ce-abb6-04bf991914bb
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 14:24:27 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKnxK6XJC3AK1XBe3eAoWr7mS5ekSlpx3W8NNw8ajxZpie2%2FcJHzSjMaXMrJpqCUsvxdlws1Fh4TeBiqP17dkHViqIkeLQquE0WShY2uQfmz3R9PE%2FYNiZiH%2BFbfV3y6c%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.999981
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64de8b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/dd2f847011f9155460b01f52deeed91d_100x.jpeg

104.19.235.103

200 OK

7.1 kB

URL GET HTTP/3
img.staticdj.com/dd2f847011f9155460b01f52deeed91d_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.1 kB (7094 bytes)
Hash
1128c40e76cd48449ad772f6e19089ac
2d8d89e3b76cae4f2035e8b14ca339d19784ba2e
6a8522e0ed15bebf6fed9dc5256fdc72afbdf6a3e272bd2ccd6f33b7be7b114c

HTTP Headers

GET /dd2f847011f9155460b01f52deeed91d_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 7094
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="dd2f847011f9155460b01f52deeed91d.webp"
expires: Thu, 18 Apr 2024 01:02:55 GMT
request-id: a8d2ba84-a6bb-475c-93b6-9323cd5e219e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: a8d2ba84-a6bb-475c-93b6-9323cd5e219e
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 00:02:55 GMT
cf-cache-status: HIT
age: 142982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4qJ3Dqq9b8aaWA3mdQhTx%2B%2Baaj%2BpK%2FMfWztSIjjy6AfHCnYGKhMk6yRLZJVbn1RL7ml632x3OZHTjt%2BdOb9Cqk0FQ%2FeMHVNB9qTZUi6iWNe8kqLyjpB3bHVOYNfsXGqgXkU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.999981
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64debb4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/bab7df84c94a403c00a0e4dc7dba2b59_100x.jpeg

104.19.235.103

200 OK

6.7 kB

URL GET HTTP/3
img.staticdj.com/bab7df84c94a403c00a0e4dc7dba2b59_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.7 kB (6680 bytes)
Hash
9ea0fedf1d8f2c80fa822762ca4a6eae
c92733b5af62413fcdfa7007ead0f231d690e01e
1d34b017428f695b9583036322927ee0d89e92a3bdd6cebe58c94fb043235563

HTTP Headers

GET /bab7df84c94a403c00a0e4dc7dba2b59_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 6680
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="bab7df84c94a403c00a0e4dc7dba2b59.webp"
expires: Fri, 08 Mar 2024 06:23:51 GMT
request-id: cacd44b8-ab45-4b81-bf1d-09f37840e4c1
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: cacd44b8-ab45-4b81-bf1d-09f37840e4c1
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:23:51 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMRfLdTaXiczKOAX9lZL35xfJ4UF4ZOeHt2qnO9hgqRUhPtnmNGmj9lJL0fBBBol9dvRjE4ZGOuAlVQjeB5VbrSy2pIA6N05i1VJTv%2FM4izszBNJ87fGy4mOuN8NOsTvTVk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.000053
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64deeb4f1-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/favicon_RoseQuake/favicon.ico

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
www.rosequake.com/images/favicon_RoseQuake/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
11 kB (11278 bytes)
Hash
f033c0b4ab01e492fb3fadb6ca951f06
33e214cc88ca96bb5ab7e5bab69ff93f0f67aa43
26b0ccd197318f6eafe8f4edb28a004830152274194774fe6821c6c3abdb38b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/favicon_RoseQuake/favicon.ico HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: image/x-icon
last-modified: Tue, 03 Oct 2023 09:59:06 GMT
etag: W/"091d83ee0f5d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 3129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7NWAsc7pRt9AfAQRReTbRC%2Ft0IzIjGh8G1RI34GuqRt7%2Fwj9wJhpfHrQt1RyTs72ixdWUX4LiP8D4qepFbFvI7PCeQDMP%2Ftsp%2FcR3V6tlBJhMVTM969zi2NvFblEuQud6XfX8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b33e2c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/b63ef38ff60cb0522be49f9cb061aaa9_100x.jpeg

104.19.235.103

200 OK

7.9 kB

URL GET HTTP/3
img.staticdj.com/b63ef38ff60cb0522be49f9cb061aaa9_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.9 kB (7886 bytes)
Hash
ecbaf1b4d3c71b95ddae6fd5fe22043d
2fe54209b696f37c0487e58e81c0e66d717aef9c
986a8f15245e0a37283c7d0cd57318ef01120a17d974f4e34f3dbc09b98cb50c

HTTP Headers

GET /b63ef38ff60cb0522be49f9cb061aaa9_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 7886
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="b63ef38ff60cb0522be49f9cb061aaa9.webp"
expires: Wed, 06 Mar 2024 21:09:38 GMT
request-id: c13116fa-f8f4-46c7-8df1-b5360a7d9752
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c13116fa-f8f4-46c7-8df1-b5360a7d9752
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:38 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCFUsfrJLR77d5KmJazKA%2BgWvKusUer%2FCrYseGTTZ4gu1FKIOL6S5I3DAuE8ZnPAbavyQUZBjyvqoTdySACeNuD5T%2B9q6cIp8sfkxZDqkQ1AqDJ658wilIBq2Eai%2Ftkn9lI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64decb4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/27779eaff6b7a7c50edbe7e82f0ad420_100x.jpeg

104.19.235.103

200 OK

5.1 kB

URL GET HTTP/3
img.staticdj.com/27779eaff6b7a7c50edbe7e82f0ad420_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.1 kB (5056 bytes)
Hash
5705c377831b7547072fc32420d24220
d1f3502312f4fdb33b50608dbde7cd68e3c5d20e
057dea6dbb5dfbe45fd2e8c18e2cb44737e363a390142a2730bb0deb28ce5799

HTTP Headers

GET /27779eaff6b7a7c50edbe7e82f0ad420_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5056
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="27779eaff6b7a7c50edbe7e82f0ad420.webp"
expires: Thu, 29 Feb 2024 06:04:02 GMT
request-id: b63c18da-eb6e-403c-993b-cf15787dae64
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: b63c18da-eb6e-403c-993b-cf15787dae64
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Feb 2024 05:04:02 GMT
cf-cache-status: HIT
age: 4958777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hA5XIlcfG8EGTwgcN1LyPoiMtFGjbzIfANjxSLERf1%2FBDCFedxWA5Q1iQwUfXpHpC593dxPhhTzsce%2F1i%2BpruqqphnZ6mubuxsuDvxZERKSi2yL7VHQGy6MspGXpxGNPFiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.999981
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e07b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/06492e93ca2119d0630f802a7e1ff44f_100x.gif

104.19.235.103

200 OK

4.8 kB

URL GET HTTP/3
img.staticdj.com/06492e93ca2119d0630f802a7e1ff44f_100x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.8 kB (4790 bytes)
Hash
b6f2cf67555c16d87455ae59d30772db
aa5335a17b64cf596791f2212f6b38181ed870e2
efdd757999715a9a87df5aa50e8bec49252c4278d34779a911ffe5697ac957ed

HTTP Headers

GET /06492e93ca2119d0630f802a7e1ff44f_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 4790
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=8611
content-disposition: inline; filename="06492e93ca2119d0630f802a7e1ff44f_100x.webp"
request-id: 46cf847a-596c-4725-bbb9-31c6f19098f4
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:44:04 GMT
cf-cache-status: HIT
age: 1328496
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIfrwNRAMbLeZ4%2BNGmt85eb9jCRxOGpnoaSXXhqEeq1qjUBMhL6d2m8PtVe6iECZYiBUHTjCu3R%2B1bQSikTTeJAsfud0zqTANvBA62joQKydsjaRWGLbxSBuoYU14CNtWww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=20.999908
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e03b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/f6ff1ab35c2b89fc58a2bf4e809179da_100x.jpeg

104.19.235.103

200 OK

2.2 kB

URL GET HTTP/3
img.staticdj.com/f6ff1ab35c2b89fc58a2bf4e809179da_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.2 kB (2234 bytes)
Hash
f4e47c1bab71137930bee821d12ec9d2
78de080f41c8c2e96cc3c8b53446df6d0523562e
b688a8cd498558db5d55fdcbefe1c1d1cac13119b0eeba82ea9643390ba4fc70

HTTP Headers

GET /f6ff1ab35c2b89fc58a2bf4e809179da_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2234
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="f6ff1ab35c2b89fc58a2bf4e809179da.webp"
expires: Mon, 18 Mar 2024 20:54:13 GMT
request-id: 36c1f59e-428e-4905-a39f-6795cc028d9c
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 36c1f59e-428e-4905-a39f-6795cc028d9c
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Mar 2024 19:54:13 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m2BxNNKkTMAJOJM%2FqUgkiRfKZsx5gHekmkvk5Ip3xQoYZVn4zS5kE80r0Z3%2FQhASho3hAHpNRH9PZmBJz%2BeqFe5xvHt1tKSe0Ehl6NIjBWTgcovxAL1shFXQp3movh9KlgM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.000011
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e18b4f1-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/base.js?v=cac22025232-20240427

188.114.97.1

200 OK

23 kB

URL GET HTTP/3
www.rosequake.com/static/base.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1635), with CRLF line terminators
Size
23 kB (22983 bytes)
Hash
b537b42f84d7a25f610f9889a938fa00
e16a71b9a18a348d13436a04171f3e6f65b9a79c
be22e743ee67a40014e10f81dbd65e5984bf86f70cedbc73f4f83e194a0de9d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/base.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Sat, 06 Apr 2024 09:48:33 GMT
etag: W/"80ee6196788da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7saH%2BiusxBY%2FYMvs9EYTHq0bKFqPMqBAmkwe15TOEWWQs2WYupWN2PG77QgWdM7tfjpwdtJ4CE2%2FKSzHxfhiCtT4cjpu9ouJZvaMEGVxpf0q%2FvoCVSKhIFPmmS5DHRwtJvHL9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a1ebd456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/41b845def7e42bc7961689e9013d6eec_100x.jpeg

104.19.235.103

200 OK

8.3 kB

URL GET HTTP/3
img.staticdj.com/41b845def7e42bc7961689e9013d6eec_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.3 kB (8294 bytes)
Hash
43fe7306dba178012b0dd66f571c08da
1101a6dc7beac9b33ac596fdac099426c2a2fadc
86c72c75bc10c29a434cfee02dcf017dbb7f43ca930d4172bdae036eff2d465c

HTTP Headers

GET /41b845def7e42bc7961689e9013d6eec_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 8294
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="41b845def7e42bc7961689e9013d6eec.webp"
expires: Wed, 10 Apr 2024 15:24:27 GMT
request-id: 6d91a8f6-6132-438f-b2be-ca5dfdd3da0e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 6d91a8f6-6132-438f-b2be-ca5dfdd3da0e
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 14:24:27 GMT
cf-cache-status: HIT
age: 1328496
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2e1beBLsR%2BeMXMtnkCZTxZWXK%2B8HrSaBIqbiuyHcrnJvG4MaRWkht%2FCnOvtF8PPCbLevT55auHHfQgWL3G44OZTAdvXtWt2U%2FTE%2FvPuGj6sV79%2FmxQ%2Fp5Q8Jqrgomi3wa4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65dfdb4f1-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/js/video.min.js

188.114.97.1

200 OK

187 kB

URL GET HTTP/3
www.rosequake.com/js/video.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65142)
Size
187 kB (187251 bytes)
Hash
f50c31011e4900174758bb688253b0b3
f15c8636f7dcd7f25798dd2d4a710f4f5fbcfd1a
0990b905d2a411a8f29c0502458419b91932e740cc66b1aca128179cbede5867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/video.min.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Thu, 26 Oct 2023 05:20:34 GMT
etag: W/"e255b25cc7da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxGotpw4KtugE1tYDWUJyVy8Idd7jHJQ%2B1cQBpXxUEzdqsRWa7CmaAF0vskeeZTGqTJX3mClf4VUfDe7dtXMz5fdSz2tQXhbktjz%2Fh6f6Y9hoCetzDlAAkLwiHU7NB%2FP5fSuqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a24c5d56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/eb1c5479ebc24fcab7025b76859a14ae_100x.jpeg

104.19.235.103

200 OK

2.4 kB

URL GET HTTP/3
img.staticdj.com/eb1c5479ebc24fcab7025b76859a14ae_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.4 kB (2412 bytes)
Hash
e0352f0066966ca91244aa5df1800f63
0784e3930264c7dec58feb8bc79ac7978bd41495
2803c73fe763d464c634a1b2a6e0daf9f021578eb8c98819972e0930f799af1e

HTTP Headers

GET /eb1c5479ebc24fcab7025b76859a14ae_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2412
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="eb1c5479ebc24fcab7025b76859a14ae.webp"
expires: Fri, 22 Mar 2024 09:22:58 GMT
request-id: c84f91b1-f923-41b8-bda2-0f16a08eb483
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c84f91b1-f923-41b8-bda2-0f16a08eb483
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 08:22:58 GMT
cf-cache-status: HIT
age: 2724902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7Boz6rJFk8mSCM5BvOe8sg2RWO4l8jBTiKeY8ZHHiQ8D5ybMmB1T5JCKbJpSRcGALdmPQOR3gPHF1qb6qifO%2Bi5nua8BSKH5PeCM%2FYyRCeMQjY9eT8w34%2FNu9hO4G1EWVE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=17.000198
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e15b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/de5a984e245ee620a2f7c425177d3d4b_100x.jpeg

104.19.235.103

200 OK

5.3 kB

URL GET HTTP/3
img.staticdj.com/de5a984e245ee620a2f7c425177d3d4b_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.3 kB (5296 bytes)
Hash
9d1b45ee034353742e39192622718559
bc2436642677db17d3832e4fa7b8e0a4422bbbc1
14a610e1f8e437b27b40ced462fd8d895c8dfe222f18b759025349d2a09e06f1

HTTP Headers

GET /de5a984e245ee620a2f7c425177d3d4b_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5296
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="de5a984e245ee620a2f7c425177d3d4b.webp"
expires: Wed, 06 Mar 2024 22:17:41 GMT
request-id: 8be29516-538c-438d-b26c-69e3d41ea6b9
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8be29516-538c-438d-b26c-69e3d41ea6b9
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 21:17:41 GMT
cf-cache-status: HIT
age: 2724902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwujQCfU%2BaocaHmhTUIPC41VvwtZgU6qJWlM%2BXVFJep4ff58A4SSEHnJ8oriH9y2c2haZSBCv3EmB3%2FtMPIzlOvY2S0QvqHvJc%2F6TTUSkotvKEmv9ntSgNbUg1EetIUvY3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e08b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/509669b0dcedb24946c68f508b7d15b5_100x.jpg

104.19.235.103

200 OK

2.0 kB

URL GET HTTP/3
img.staticdj.com/509669b0dcedb24946c68f508b7d15b5_100x.jpg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.0 kB (1966 bytes)
Hash
9da0c50c4f73310154a41d291b29e96e
4d00ccf2f146b253300004924818e182e9c1fe39
4ef972704c40f6af71e86ff5e3d7beb1562430de320bb3e749d083efe4d67032

HTTP Headers

GET /509669b0dcedb24946c68f508b7d15b5_100x.jpg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 1966
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="509669b0dcedb24946c68f508b7d15b5.webp"
expires: Fri, 22 Mar 2024 14:00:33 GMT
request-id: 585b675f-aeeb-46df-b84a-8006e16277cc
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 585b675f-aeeb-46df-b84a-8006e16277cc
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 13:00:33 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8mOSPCvW45spEuUuVLrBES6iudbfaYTQqpIQLsZpsZFTCZSTdB99aDtZRVNiGAmu0tvawiMDcntIWyRi3mJnXOu%2F9XamKzHy96a3ZFKQPl11Ko53WtgOor5FIhzI1EvDeC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=39.000034
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64deab4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/b7ac1b47d7f7fc902a851d7f23e3dd77_100x.jpeg

104.19.235.103

200 OK

5.4 kB

URL GET HTTP/3
img.staticdj.com/b7ac1b47d7f7fc902a851d7f23e3dd77_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.4 kB (5432 bytes)
Hash
9d0002b9d6279b0cd8aba311f21ad1c9
15ae4708187a343dd72d70b4891f676f0695ac75
42c7b978aac7e579e40943d18a132e2f33ab902d4d042eb0433254cb50c920b5

HTTP Headers

GET /b7ac1b47d7f7fc902a851d7f23e3dd77_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5432
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="b7ac1b47d7f7fc902a851d7f23e3dd77.webp"
expires: Wed, 06 Mar 2024 21:09:38 GMT
request-id: f9b05066-3cd7-4765-8590-cedeabdd4f41
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: f9b05066-3cd7-4765-8590-cedeabdd4f41
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:38 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CnbXoMdk3W6%2BmT056efmuyfoE3keU6thFVjM471Hq6H59Pl3SGE8QTDr8pCKnLd7Kf0cR%2F2ZWE19EQgknNy7PME%2Fk0ICDbcre8vItj2L43JqQplc4trRb8pBZ4PGST%2F%2FrOo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e09b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/a3cda8b10a3f1c83bbf760b52726d866_100x.gif

104.19.235.103

200 OK

1.9 kB

URL GET HTTP/3
img.staticdj.com/a3cda8b10a3f1c83bbf760b52726d866_100x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.9 kB (1894 bytes)
Hash
da5ad54473a7f27739e5ec1143faac0d
0f2fd05b65b04156154580bd264d2c94a3b6b90f
5f8a052bf202c49f27bd28c076cbf4a77554d45011911898e22a59ee2c23c4a7

HTTP Headers

GET /a3cda8b10a3f1c83bbf760b52726d866_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 1894
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=6250
content-disposition: inline; filename="a3cda8b10a3f1c83bbf760b52726d866_100x.webp"
request-id: 9e3b3106-e8c3-4a20-b571-36b6a88fcb23
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Mar 2024 18:48:13 GMT
cf-cache-status: HIT
age: 3583459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UdiVSiQ0Ob52TwUobFm%2F9NebdEKa6ywkCTLAOApitFUgoFwaYn9OFnu1woG7hJfOripHF4G%2FY9aovLa5%2Fi3xU%2Fuvh%2BV6WzIKTxhIUO68ekLDaZ3D4KGUCgN3rbMhD1tY0SQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=17.999887
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e19b4f1-OSL
alt-svc: h3=":443"; ma=86400

global.akating.com/files/Country_list.js

104.21.11.35

200 OK

11 kB

URL GET HTTP/2
global.akating.com/files/Country_list.js
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
ASCII text, with very long lines (55293), with no line terminators
Size
11 kB (11422 bytes)
Hash
3dd00c1468c48f40ac11cf9715d34831
98691de8e84697877dfdbf2f9e87149621c64656
0512d7cec7a4d88356a2b50d5254c7884ad61cd7f343c8add98a4c8a4ca77eb2

HTTP Headers

GET /files/Country_list.js HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 20:39:55 GMT
etag: W/"e08f8ab3b22da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ryTrsFodcfQDPzX4relZR1QTh5a95QCypPPdRvAW1hYvzYMicNM%2FmnrZDwNzGH3Ywr4AUHAFbOQZPGCsPABgx0wuggFodrhM%2FbPQHn7CetZuw6iJNHxFvQPPHcJrc8bdanMHT0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f19b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/0bca6197e2f237c278b094fbf18ce611_100x.jpeg

104.19.235.103

200 OK

2.3 kB

URL GET HTTP/3
img.staticdj.com/0bca6197e2f237c278b094fbf18ce611_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.3 kB (2348 bytes)
Hash
4931fc397659b100726fa8468f144f8f
3a1eb1ce848c415578bbb343c507d990230bf3c0
aa252b2ee479b70900739c527fd08ace6585df0d0c6f58b4dabaea18b75d1713

HTTP Headers

GET /0bca6197e2f237c278b094fbf18ce611_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2348
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="0bca6197e2f237c278b094fbf18ce611.webp"
expires: Wed, 06 Mar 2024 23:33:57 GMT
request-id: 8a1c6abb-c6aa-4ba2-874e-3343a53532b1
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8a1c6abb-c6aa-4ba2-874e-3343a53532b1
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:33:57 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LsQU%2BG9rSzybfafC1vCZIa3Grq3wezmRtdTgDdI6V7TzU6NAfC5CMZcy0J3mOWrel%2F%2F6SIpG%2BhF2xIBNRQdNbxOyU%2FNqTEsSzA%2FLdSmrpyOCyzME1Xv80UoOi6negveARdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.000044
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e01b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/2be646a2364d0fd4ada1c0df823e96e6_100x.jpeg

104.19.235.103

200 OK

2.2 kB

URL GET HTTP/3
img.staticdj.com/2be646a2364d0fd4ada1c0df823e96e6_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.2 kB (2214 bytes)
Hash
500eb6360bf696f982722d078af4f7b0
8a8da7948e09aa85a5f9295070000b4951b35c70
a073b9f4ff059d81451655d61a79f76de5c9d1d5fbca61fbfb70cd8095c25fee

HTTP Headers

GET /2be646a2364d0fd4ada1c0df823e96e6_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2214
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="2be646a2364d0fd4ada1c0df823e96e6.webp"
expires: Mon, 18 Mar 2024 21:49:24 GMT
request-id: 5e4ab6f5-c2b0-4a14-a5db-0bb55f28a9a2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5e4ab6f5-c2b0-4a14-a5db-0bb55f28a9a2
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Mar 2024 20:49:24 GMT
cf-cache-status: HIT
age: 2724902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hFukDmSlnJZcMfTYx%2FwqFXkPQQxYYoDWYTfCf%2FGAWwHy2wrIahhBjLffqTM1V0HybPc4DpVRHQEdvLObfKr5qMAXudh5TEciHBiMIt8YKVe%2FW5CUpNdQWlphpqRSZr8k%2FLM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=17.999887
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e1eb4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/84cc7e684561de314cde018b6a020908_100x.jpeg

104.19.235.103

200 OK

2.6 kB

URL GET HTTP/3
img.staticdj.com/84cc7e684561de314cde018b6a020908_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.6 kB (2578 bytes)
Hash
b79df0caa544f5f6dd9109393e98b81b
fc9af4731ac7003396090d5b9452df202d66de51
6e1dbf2a2d6374ae56638eb40ab6fa2008585d6b9497293f90acc02824e7640c

HTTP Headers

GET /84cc7e684561de314cde018b6a020908_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2578
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="84cc7e684561de314cde018b6a020908.webp"
expires: Fri, 01 Dec 2023 12:54:38 GMT
request-id: 12b9e180-b02a-41df-9722-6125d9734dea
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 12b9e180-b02a-41df-9722-6125d9734dea
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Dec 2023 11:54:38 GMT
cf-cache-status: HIT
age: 4958777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xCZGXWMBqVP3Mxc9sX2jX2VD0%2F7VBpHNz8sqEMgt9ybKVgWV2kcpd%2FjUoJQE1dxTiCikY5j%2B4OOTuFFPAzqxtcU2e6aooDuR8U4JFwAYaVm4Md5RRDRWysTkcUr1I0RqTdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e25b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_100x.gif

104.19.235.103

200 OK

10 kB

URL GET HTTP/3
img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_100x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
10 kB (10206 bytes)
Hash
f2380f44185ac131e1c0006431820336
70cc1a582645574994f4c8ab0ee5dadd439a68a8
7abc9aea7d80701fd38d241fb1a79863a900a2abad12bbb4a969642b3f6d25eb

HTTP Headers

GET /de4fef1b05b5f0293d6da27bf9e0b08d_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 10206
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=15145
content-disposition: inline; filename="de4fef1b05b5f0293d6da27bf9e0b08d_100x.webp"
request-id: 41f84ad3-12b9-4cfe-891e-7be0fc0f448b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Apr 2024 21:57:08 GMT
cf-cache-status: HIT
age: 142980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Z8KePkGTdHJ6swEhw8h7bqjNgMgIC6KVbkp9LERADQiwPB0pGEnan5UflBU4krYge63n23CqJDADVxxEX7XMTQiO2LiRkAL0NeqJuCGvCwwbER9GRY2TQqe32KgI00Sey0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=20.999908
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e10b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/ff4edc9f8feb23fad74ef845533b1046_100x.jpeg

104.19.235.103

200 OK

3.1 kB

URL GET HTTP/3
img.staticdj.com/ff4edc9f8feb23fad74ef845533b1046_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.1 kB (3142 bytes)
Hash
aea58abc1821b06e732cbf48902b0d3e
fdc8d79a2c906037af1eb76bc3291c52356c12c7
f935a617dde7953226058623b60e00f0b3fd5041c12a10e440378868d5bbc441

HTTP Headers

GET /ff4edc9f8feb23fad74ef845533b1046_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3142
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ff4edc9f8feb23fad74ef845533b1046.webp"
expires: Sat, 23 Mar 2024 09:13:55 GMT
request-id: 4191f7d8-81e0-4791-a9bf-5c0941007ec4
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4191f7d8-81e0-4791-a9bf-5c0941007ec4
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 08:13:55 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJz9PKR6dydPM8z2xJGs6p53yINGpnpTWkkR9fXweWA4nPaSxKHlAabbmmrbkBvEYnHmF7UUbn6%2FEFGOmgoT12HszC%2FkrWxDBfNIKhk8XM2yftnGd11D9ulpb%2FXZOt2pmGE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.000095
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e16b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/706b0aab69dd77b0c961cf8dbb30c37e_100x.gif

104.19.235.103

200 OK

5.5 kB

URL GET HTTP/3
img.staticdj.com/706b0aab69dd77b0c961cf8dbb30c37e_100x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.5 kB (5474 bytes)
Hash
d3ac7e59e47e3e859f675b70f56ef667
fa71cd2b734a7a4748c30b30f995a80c765280f7
b15b7e1e98284d3c2234947b8934d974e0740992c0ec3b2a07bf92c72fa23a0c

HTTP Headers

GET /706b0aab69dd77b0c961cf8dbb30c37e_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5474
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=9718
content-disposition: inline; filename="706b0aab69dd77b0c961cf8dbb30c37e_100x.webp"
request-id: 2efa763e-d085-4a5e-8312-9a5296da1f6e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 17:47:38 GMT
cf-cache-status: HIT
age: 142979
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rY7a1Byx%2FXS8%2Fdph6FaNNbh4iP9oiypbKMg%2FZDNk5wuloCeiO8ngE5Qxicki0Fa%2FntHgw7TiaccEh4lxZhlipwZgNQrOUZDz5pN3MNAz0%2FVsx%2FZqts5Jhl%2B9SNx6e70v5vk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.000011
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e30b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/dd51b3cbd397fca23e13c19abea4b9ff_100x.jpeg

104.19.235.103

200 OK

5.5 kB

URL GET HTTP/3
img.staticdj.com/dd51b3cbd397fca23e13c19abea4b9ff_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.5 kB (5476 bytes)
Hash
5a7decf8f4229f976e0140f63c42c3c9
8fed3d8f86165021156bee40a499d58b0f7f783e
083cd65b8a726ca0b91db7d07ab3199f2a5509363270f788adaa2068941a6768

HTTP Headers

GET /dd51b3cbd397fca23e13c19abea4b9ff_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5476
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="dd51b3cbd397fca23e13c19abea4b9ff.webp"
expires: Sat, 23 Mar 2024 10:43:57 GMT
request-id: 70eacc54-d9cf-48cb-b85f-803d469a64ae
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 70eacc54-d9cf-48cb-b85f-803d469a64ae
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 09:43:57 GMT
cf-cache-status: HIT
age: 52393
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8iDukFz0LULHDLQzWxajvPMhSg%2B44s5XCTT9ymKnW8LBgJX0RahTtifdi7Yb7COXRWGi0SNbmVYuNObCOq5m6jj7jqhD%2Fkz0XwYLx44qzC20ukX8d2cGeGvEM3m11WGMl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=16.000032
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e27b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/8da1e1a7efc32d52933797747822caad_100x.jpeg

104.19.235.103

200 OK

5.5 kB

URL GET HTTP/3
img.staticdj.com/8da1e1a7efc32d52933797747822caad_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.5 kB (5468 bytes)
Hash
b8d6601b5dd6fced248d5ae1b3908f2c
c7c69ff0ba15031f2054e75af3a5c64d0bbecce9
c488c65d3ca13fa9098c13f23f090838176968ccf0e4e5158a9943a6188fc864

HTTP Headers

GET /8da1e1a7efc32d52933797747822caad_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5468
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="8da1e1a7efc32d52933797747822caad.webp"
expires: Wed, 06 Mar 2024 20:02:02 GMT
request-id: 71063f1c-84a3-486f-93bc-6a350396ead9
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 71063f1c-84a3-486f-93bc-6a350396ead9
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:02 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmNupwX6dnzXhfrpTpt8S6cpNUR0NSlWqSm97nx%2FsjiILyc8E1n5OiJiHWcZUvhWPOLuQqnoL58fEt%2FP5ejxy5XIUScBtjwNrwcVL2yDakq7YQ9XtDhr3iSjJQj8sUtJ9hE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=32.000065
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e0ab4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/debfb8e4dacf20f6c4af762c205ab1e5_100x.jpeg

104.19.235.103

200 OK

3.1 kB

URL GET HTTP/3
img.staticdj.com/debfb8e4dacf20f6c4af762c205ab1e5_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.1 kB (3102 bytes)
Hash
22e1aa1d218c8b6ed19fbac3879737e9
09b90ce6e7ea66d455f65a0bce5f98e33d1e2732
a58dfee137102ebbdf58f3d24b1565616c46adf0d47cf7dc034dd5a1ec9ab1fa

HTTP Headers

GET /debfb8e4dacf20f6c4af762c205ab1e5_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3102
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="debfb8e4dacf20f6c4af762c205ab1e5.webp"
expires: Wed, 06 Mar 2024 20:02:05 GMT
request-id: 4410643d-c9a2-4c3c-bb3d-8fc78711e4dc
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4410643d-c9a2-4c3c-bb3d-8fc78711e4dc
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:05 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=md8pBPtFJd321bkfp4IfN%2BGC%2Fud79n%2B1OtZng3NPyjsd1ZjphdU1qH1XwAy8dcMucYYBG4Inv7EAZSQi6LhnHosT%2FGB%2BgFUXBC8VL1p%2F5lzSdY3OF%2FI%2F6gje1zy3U%2BDElng%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e20b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/b2439535bc4d1194f5e3698c8beffa37_100x.jpeg

104.19.235.103

200 OK

6.1 kB

URL GET HTTP/3
img.staticdj.com/b2439535bc4d1194f5e3698c8beffa37_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.1 kB (6056 bytes)
Hash
00ec29b63d622a98dd7cc28600480349
7489431bd7be61d351cd4e8f1d635aa70074b9c6
7f40e82134f1f1cbe7a47a2911c5d13d3fe65fec874f3e6e2ce7dc5cf8d1603d

HTTP Headers

GET /b2439535bc4d1194f5e3698c8beffa37_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 6056
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="b2439535bc4d1194f5e3698c8beffa37.webp"
expires: Tue, 19 Mar 2024 12:01:08 GMT
request-id: 7375877b-f21a-4430-a92a-e6751d248376
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 7375877b-f21a-4430-a92a-e6751d248376
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Mar 2024 11:01:08 GMT
cf-cache-status: HIT
age: 2724902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmqQGH0Er7Jr6fJkl4wxxbTeznue2nyDsx6qi%2FAkCmOj5wOipCUU%2B7zpatrqIRRBdU0pJtmZS70lkzBWmeAq%2BBwy6sIqaANeVQvUyaH93%2BDSfeeBgz2vqQUVLd9xBrWz9SE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e28b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/390237f8831322dc5db1f4a87c8d4cb4_100x.jpeg

104.19.235.103

200 OK

2.4 kB

URL GET HTTP/3
img.staticdj.com/390237f8831322dc5db1f4a87c8d4cb4_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.4 kB (2370 bytes)
Hash
309e70a7e11577476a73c203935caa99
d702149af3fa2dffc6f697e2cdb9ea265cb630b9
ff535ef033b0e906e7fabcb17346c61b1018068b4f358a71c345bb67fa0ac5dc

HTTP Headers

GET /390237f8831322dc5db1f4a87c8d4cb4_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2370
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="390237f8831322dc5db1f4a87c8d4cb4.webp"
expires: Wed, 06 Mar 2024 23:34:19 GMT
request-id: 2ca2ae89-7d89-4074-b3c9-d1f6bc901230
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 2ca2ae89-7d89-4074-b3c9-d1f6bc901230
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:34:19 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VigJclj48E3yPLKGV4IEg5CwQM2Q0XTFbvgUf9H0tCvjRVwc%2FxHFWyLEoGlgVGVvYqGIMfeE9BsewXnkFSebGda2YIgzSscZVxwfzcUDs1pqYQ1LO1RLXkN6WxKdx3WLwlo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e24b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/c07c90db188eb5558686d6e3cba11863_100x.jpeg

104.19.235.103

200 OK

2.3 kB

URL GET HTTP/3
img.staticdj.com/c07c90db188eb5558686d6e3cba11863_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.3 kB (2280 bytes)
Hash
159a287adca47ba28cc23f7007b512de
acf6fa74ab7fea8014fb4464c77f254cda490468
269f0e3ee6df922cd2fc38d9c16a64d4c434224ee5fdd10689befdba2c2b2b70

HTTP Headers

GET /c07c90db188eb5558686d6e3cba11863_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2280
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="c07c90db188eb5558686d6e3cba11863.webp"
expires: Fri, 08 Mar 2024 06:19:35 GMT
request-id: 8324d96d-0653-4f64-960f-042266a8e765
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8324d96d-0653-4f64-960f-042266a8e765
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:19:35 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qEbexxNdaOaoEOHJn%2BRAXbJ4GW9JUkxV29TC2Q24%2F7yrTmdABZ3MWXnnSpnZv63kKKo1318NQ94bkMgDmhBF4k5K1svQxxVAulPR81AtjwHBbfIfc45SM5fPH90Cg1Wn49I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.000105
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b68e34b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/df40a88624b210c98b1d8221f8539b79_100x.jpeg

104.19.235.103

200 OK

5.6 kB

URL GET HTTP/3
img.staticdj.com/df40a88624b210c98b1d8221f8539b79_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.6 kB (5590 bytes)
Hash
46416c5ba10e11325d905a330124ad6f
32ba931880dc2a4f250d2b25e164b6418153a5f2
231f73b33d461b965eb8aad74a34c69c5dca0b2c27858c7f852bd554aa3d5d77

HTTP Headers

GET /df40a88624b210c98b1d8221f8539b79_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5590
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="df40a88624b210c98b1d8221f8539b79.webp"
expires: Wed, 06 Mar 2024 23:44:04 GMT
request-id: 3c23a506-97e7-4fb5-8103-dd939a5e9817
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 3c23a506-97e7-4fb5-8103-dd939a5e9817
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:44:04 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RyBx9tyxaKAGGbXDlnP%2B5LkFm2TijpFohcNE%2FxKInNrsHm%2BxbF67h8nKLIgEJ0S9O%2B915J2BjKVVkujzHGPEJPBaw%2FbG6CmPAJiJFpWZ0E2CyQGaYi4HrZ87uf%2BC2HW46r4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e2ab4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/74ef331e09d70cfa31f8b60255227d84_100x.jpeg

104.19.235.103

200 OK

4.4 kB

URL GET HTTP/3
img.staticdj.com/74ef331e09d70cfa31f8b60255227d84_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.4 kB (4384 bytes)
Hash
b050e4ba5a7966a4debaee837cea66de
892a45a8ee95cbdebd36b255b333f88468681726
3954ae88fb4fcc818e9f86f16fe903f84261d493e074d4ddaa137d9f5b4c3827

HTTP Headers

GET /74ef331e09d70cfa31f8b60255227d84_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 4384
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="74ef331e09d70cfa31f8b60255227d84.webp"
expires: Mon, 18 Mar 2024 20:54:13 GMT
request-id: c978d044-650a-4502-ae47-a73966d88ec0
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c978d044-650a-4502-ae47-a73966d88ec0
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Mar 2024 19:54:13 GMT
cf-cache-status: HIT
age: 2724902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FqWxCd01lYp%2F%2FKcwG5ElKDSHVu%2FnhskR64RdyO%2BQ1DdHPpv3y0OP6IloSW5E7fVelvHp93H3g%2F%2Bx%2FX9XrRVYXHM1Q4fSWJMSeEkRgDXkWgYczqyRG8rg9rZFikCkbk6S1wQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=32.999992
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e1cb4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/ca7576731760e11e12dcc5eb9f3744fe_100x.jpeg

104.19.235.103

200 OK

5.3 kB

URL GET HTTP/3
img.staticdj.com/ca7576731760e11e12dcc5eb9f3744fe_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.3 kB (5300 bytes)
Hash
612cb7dd2d785cb4784a26df05e4b5c7
bae921244322088a1f3d1a48f8074c12beb47de1
2e054dd90deba4cf6fcbf8af70b65216afc754d593a7bf110652141a24303cc3

HTTP Headers

GET /ca7576731760e11e12dcc5eb9f3744fe_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5300
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ca7576731760e11e12dcc5eb9f3744fe.webp"
expires: Wed, 06 Mar 2024 20:02:06 GMT
request-id: c91ce225-31a4-4870-b20e-e8d02fb2c2ae
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c91ce225-31a4-4870-b20e-e8d02fb2c2ae
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:06 GMT
cf-cache-status: HIT
age: 2434185
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVv4CmBkLkGUxLSfm5dkqGcfWWpZuwBCzz3%2BqawaEeIM9VstNoUGJOrhq4tWCvuUR0InRhzNOqRM9SFwz1Dht0HpiXyMe4OWl%2BIphNTlD9VwFVogeH0lCrbHGji92VTxCnE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=30.999899
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e26b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/ce1685b8c6ee64f0a6a62616900beaca_100x.jpeg

104.19.235.103

200 OK

5.5 kB

URL GET HTTP/3
img.staticdj.com/ce1685b8c6ee64f0a6a62616900beaca_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.5 kB (5518 bytes)
Hash
bab263567cbbc100807a7c743527816d
50583c81a6b091a98ec9f13a4ff992be59427fc1
37065fe7a81138315e3f7d1be66f941b4ee1641d1bb15d919601a157d94c44ca

HTTP Headers

GET /ce1685b8c6ee64f0a6a62616900beaca_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5518
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ce1685b8c6ee64f0a6a62616900beaca.webp"
expires: Thu, 21 Mar 2024 09:36:37 GMT
request-id: 5761189e-823d-49fb-a0df-acc0a3e67f2a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5761189e-823d-49fb-a0df-acc0a3e67f2a
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 08:36:37 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wprOyCFbi%2FOCQwXuEkRn5XL9lE8XUNVJ75%2FpVQlsZmXS%2BtysMezleGal1w1UfMWrNE3gfb2BN35F%2BqWofexcmT4gef%2B2FgRKoJ7ByqaAkJ2ciV8SzfpTuxV58K6TfImHFB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b67e2eb4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/54fe4a6cce98f14244804e0c43ff48d0_100x.jpeg

104.19.235.103

200 OK

1.9 kB

URL GET HTTP/3
img.staticdj.com/54fe4a6cce98f14244804e0c43ff48d0_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.9 kB (1904 bytes)
Hash
c2f88f71eee4da1c3a42c6b7ef72668c
862e9da4023b60dffa58d4e725506240369df751
147c70483c2776c5aeeada3e45e6f07ab92b1bcc68753021e59988e6fa2bdf27

HTTP Headers

GET /54fe4a6cce98f14244804e0c43ff48d0_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 1904
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="54fe4a6cce98f14244804e0c43ff48d0.webp"
expires: Thu, 30 Nov 2023 14:13:56 GMT
request-id: c51b5f37-806a-461e-8cb5-55238ceaf532
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c51b5f37-806a-461e-8cb5-55238ceaf532
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 13:13:56 GMT
cf-cache-status: HIT
age: 4958777
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XvvbqOMqyHYhisbOM%2BiUG8TxUEjP9aqMAhMbWA8OVtKrh8JDJQTA58AwW7qlOixEDPwxXu5KLdLXwylxYD4aisAun5SmSSC2b4CJ1HU4xiGKJG75i%2BeZaQYU9yeVo6l85Y0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b68e38b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/d31eb7a33614c54bc564e6fd60428233_100x.jpeg

104.19.235.103

200 OK

3.4 kB

URL GET HTTP/3
img.staticdj.com/d31eb7a33614c54bc564e6fd60428233_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.4 kB (3392 bytes)
Hash
9f110dfa3d480cb689b095677850243a
9830750faf525ce0895bb1a05c7dc36f6df31645
3ce3f447f9a267e4d7d9b182ef3a390cb448732e9832bd6048ed1b692e1fbaad

HTTP Headers

GET /d31eb7a33614c54bc564e6fd60428233_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3392
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="d31eb7a33614c54bc564e6fd60428233.webp"
expires: Fri, 22 Mar 2024 13:20:10 GMT
request-id: 1e31eb3f-bdd5-4ec0-a3cc-aa75dd7ca298
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 1e31eb3f-bdd5-4ec0-a3cc-aa75dd7ca298
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 12:20:10 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j2Xyo0HVYiezYPRw4syftjjcCp83%2BCEZQLD86DIfXLAGvCDFjvveAC7n700otmjIoEMX3kgd1SfR0Iy7wvZ0UQ%2F9TYgcpZZdfkjj1XCAEktrQGrwkLomh0lfObg2Sq1dSSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.000189
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b68e39b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/d4c160624c8818a0376061feb47462ac_100x.jpeg

104.19.235.103

200 OK

5.7 kB

URL GET HTTP/3
img.staticdj.com/d4c160624c8818a0376061feb47462ac_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.7 kB (5672 bytes)
Hash
a563f0adf30eba05a3ed6048fe85411a
936e77c87224f2a0ea9c1b547f2feba39ec00143
95486c5aecb81d6bf32bc7b71900a4949329a1aeb98e40985a52d41030f63617

HTTP Headers

GET /d4c160624c8818a0376061feb47462ac_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5672
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="d4c160624c8818a0376061feb47462ac.webp"
expires: Thu, 21 Mar 2024 10:36:40 GMT
request-id: 378762c7-f82b-41f8-a808-70b3e4f19049
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 378762c7-f82b-41f8-a808-70b3e4f19049
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 09:36:40 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=raFPsrHCLDL2sKD522hCZLYCX5N4xZKhD8SWSmUE19dvryC6Dr6loyFHOBCHjFqnZgnTyrTNNNtEXQ%2BR0xFFC%2FKcQSo9U7ty8vorpG3qW9qNUl8S65FRYmdITUTw8MYi3z4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.000011
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be6fb4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/2aa3496fd6f3aa7cf73f523f4eeac087_100x.jpeg

104.19.235.103

200 OK

3.8 kB

URL GET HTTP/3
img.staticdj.com/2aa3496fd6f3aa7cf73f523f4eeac087_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.8 kB (3788 bytes)
Hash
4238b0b941b556b27d945b8f137fa635
f7df95772c3c8807f8476058e764de4c9d8d5c2e
f7d77298c937ae5c90b3d970f8f2c5e7b723e40bf79de6269bd9229b54918884

HTTP Headers

GET /2aa3496fd6f3aa7cf73f523f4eeac087_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3788
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="2aa3496fd6f3aa7cf73f523f4eeac087.webp"
expires: Fri, 22 Mar 2024 09:22:58 GMT
request-id: 5859122e-b02d-47b9-9fab-cb93dcc0f697
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5859122e-b02d-47b9-9fab-cb93dcc0f697
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 08:22:58 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NSb3aObCJ8n9wovwe%2BkZh9%2BaZa7zRxOfI56L8NVzhufnI8ma9urFOC%2B0Py2BimgrnC3BBeDk9uquhe2K0k62uja6sc5nWWrBrLTRs2EWIxY40CjYorvBu523kGqml2g5ECI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.000105
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be6bb4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/dab6e69237c3b8b86ad69740387af70a_100x.jpeg

104.19.235.103

200 OK

3.5 kB

URL GET HTTP/3
img.staticdj.com/dab6e69237c3b8b86ad69740387af70a_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.5 kB (3504 bytes)
Hash
af0fa7b3c972b176b247e43da921cdf9
d6625b8fa81f90dc54770cb644e78dc5706ec582
53198496bd049832588634b7b28494d029a6e95d2f95cc63a3a315cce1af7cac

HTTP Headers

GET /dab6e69237c3b8b86ad69740387af70a_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 3504
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="dab6e69237c3b8b86ad69740387af70a.webp"
expires: Wed, 06 Mar 2024 22:17:41 GMT
request-id: 4509fb2d-c2be-4abc-bd5a-f88a629cbc33
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4509fb2d-c2be-4abc-bd5a-f88a629cbc33
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 21:17:41 GMT
cf-cache-status: HIT
age: 2434185
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5Xh%2FuXdgHlVhtdjV7becjdlc7xkML3Qa4Vnv9GVZDU%2B6e%2FcHYhvSP74QINFrPTGxFwzXYgvDsJYESEa0A6S9Jv9E70XqVRBq7UinV8u68C1%2Fay4yFyo0oWWXH0VMDBGOWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.000105
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be6db4f1-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/Ajax/GetMinCart.aspx?type=&r=0.9360356141702216

188.114.97.1

200 OK

7.1 kB

URL POST HTTP/3
www.rosequake.com/Ajax/GetMinCart.aspx?type=&r=0.9360356141702216
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JSON text data
Size
7.1 kB (7132 bytes)
Hash
52733d7065168773501175b02368ce4f
9fa99e4ae056bba023987252dc227e57980a375a
82e5034b8a158462ac520bc23d5c81b8a93d839c742de19d4059c37df70e390c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /Ajax/GetMinCart.aspx?type=&r=0.9360356141702216 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: application/json; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtEm1w8shzO%2BwYbJaTrXeRES0KSAljO%2BsGEmTYLUnmnN01qoKN%2F2l99AAVMrMzmLGNGe9itKMapKhg8oFy1kH0Z6t%2B1YKz6Apxz0yCyK5j6kA7ywSgEn0QgVXQuFrzZGTPOoGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b34e3f56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/2f931445ef6ce220d149806eec5bfef9_100x.jpeg

104.19.235.103

200 OK

7.9 kB

URL GET HTTP/3
img.staticdj.com/2f931445ef6ce220d149806eec5bfef9_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.9 kB (7854 bytes)
Hash
57707a103590555bf483df57b1f76bd5
22270f1fbbe3d8ffd8283813126debd748667d7f
2a29004e5c4c66eb954004a01d14307ebaece558236fa7ae06b361a7456b7cc4

HTTP Headers

GET /2f931445ef6ce220d149806eec5bfef9_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 7854
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="2f931445ef6ce220d149806eec5bfef9.webp"
expires: Wed, 06 Mar 2024 20:02:08 GMT
request-id: cd7a1d3b-56f1-4c49-9ef7-d67cc2934875
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: cd7a1d3b-56f1-4c49-9ef7-d67cc2934875
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:08 GMT
cf-cache-status: HIT
age: 1328496
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2BosoKhJnRT7dUF0taqVr3ICCFYv4PGyiOqGEXQ7K4JO9YvJO96IcXSFDfCSB5gTdU0dIFudZvGD29idkXZj0VuXfLa1Zfu4KNc0jb0cNTEP%2FFJyk0hv6Z19XrQne4uK8hs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.000095
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be71b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/ee9abcbc18be04ca41d287a786c6eb40_100x.jpeg

104.19.235.103

200 OK

5.8 kB

URL GET HTTP/3
img.staticdj.com/ee9abcbc18be04ca41d287a786c6eb40_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.8 kB (5776 bytes)
Hash
1b587e71059ad839e608324aca95ccfb
7ff274bd3c3dfb32eee6ec395602642580adb490
49ed4dce56ab4ee84d1e56a3f916c9130a105f3de70738c3df06c8573e25b382

HTTP Headers

GET /ee9abcbc18be04ca41d287a786c6eb40_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5776
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ee9abcbc18be04ca41d287a786c6eb40.webp"
expires: Thu, 21 Mar 2024 10:36:40 GMT
request-id: 5602b8ba-2854-4a43-9169-f127ecb861b4
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5602b8ba-2854-4a43-9169-f127ecb861b4
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 09:36:40 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VzCAetfDvx6A1fm%2FiW8NHbQ1jGdJ2%2FJTeYdtITNEiaeSAfbu9ve5lMKOcPf9ZyM72YVlEnb6pfNINjHNfOAZEeMcDsjmA2yBe4c2%2Fh4MnMsbVulP%2BN8SSCXZEn5q8f7P2lg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=22.000074
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be72b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/0d9b5d0e5320655d89515246767e012c_100x.jpeg

104.19.235.103

200 OK

4.6 kB

URL GET HTTP/3
img.staticdj.com/0d9b5d0e5320655d89515246767e012c_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.6 kB (4580 bytes)
Hash
f5ce53c174243ecfea2bb0f9cc50df71
5d76d76dec34219cc2a10892463e4c68a1a1e109
06bc2fe9ffb45512dfa6700b6d67a69088ca46df624912415e894fdbafec925d

HTTP Headers

GET /0d9b5d0e5320655d89515246767e012c_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 4580
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="0d9b5d0e5320655d89515246767e012c.webp"
expires: Wed, 06 Mar 2024 20:02:08 GMT
request-id: 89d28de3-8ef6-40c3-a2ab-ae320afe6cc5
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 89d28de3-8ef6-40c3-a2ab-ae320afe6cc5
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:08 GMT
cf-cache-status: HIT
age: 1982998
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L4reKbcIbL1cYUO0OadYWsvfOG%2FDAWb6IkMaFanenlkAtdblEld5krDdP27Er45QvlxNRc9hVjXX3X03Rp1uxhU9%2B12r%2F%2FPGBloMQk8EsbKdQt1sLXSktgYtCrwVMI15O2E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.000011
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be73b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/a8ef1b6b0b5bb394bf747c2d7581916e_100x.gif

104.19.235.103

200 OK

9.3 kB

URL GET HTTP/3
img.staticdj.com/a8ef1b6b0b5bb394bf747c2d7581916e_100x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.3 kB (9286 bytes)
Hash
a833a97ba6f247894e9921bac9c2efb9
17e01c550fb24bc7cdba378e9e6e4e247a3bcf5a
db278bfed75528096b3e6e5b4601bf69b6dfed032059472b104e91b0cb274a90

HTTP Headers

GET /a8ef1b6b0b5bb394bf747c2d7581916e_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 9286
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=21271
content-disposition: inline; filename="a8ef1b6b0b5bb394bf747c2d7581916e_100x.webp"
request-id: 93ab2e69-4bff-437c-b58a-c9863c0a0d4a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 00:11:04 GMT
cf-cache-status: HIT
age: 2724903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oc%2Fo7Nnibg2p3LWXdUc2zyJrmh6xAlsoaFupA%2FenmwTxqq1n05je5FFrj0EGCFYnFsbrBzeE62TyKO73f9UV2i8fIDk5CRg64ynMd3RA1ZsP5WPvSuvcYyPOMFBHXJoTiO4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be74b4f1-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/starIcon.png

188.114.97.1

200 OK

2.8 kB

URL GET HTTP/3
www.rosequake.com/images/starIcon.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
PNG image data, 80 x 96, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2824 bytes)
Hash
80b32f34f8b4a9310abfc8d91ca5a6f8
29b5f72686bfe80f4f1ed1ad4765645285cc13c2
74c692972ae3c1c83ac74969fc5c7891d5de6abdfb69625a21a2e777739bb16a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/starIcon.png HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240427
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/png
content-length: 2824
last-modified: Thu, 17 Aug 2023 21:46:57 GMT
etag: "8f436e5854d1d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUAc%2FnMrZzrgLGtq76ztY5CQoGdHyYhXIt9hZq6YKxWixWHu%2Bt6soOtWTmvUmT4ZnGEWsKne0eBk6V3PgXv57LXLlXqyJ8Bvn2aZLJGvpj7FMsiwXPPuz27v%2FJEbne7ZOPS3gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977b7baf056c4-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/js/layer.mobile/layer.js?v=cac22025232-20240427

188.114.97.1

200 OK

37 MB

URL GET HTTP/3
www.rosequake.com/js/layer.mobile/layer.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (3204)
Size
37 MB (37330158 bytes)
Hash
dd2d9abc4f31f7e0b5eadde59641632e
98b28a118b5211190bf368bd437d8a26e752fa63
772e7cd4bcdb897178cadf50cd8a97f99fcfc39027c02fb4ff20b7fe053d2af3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/layer.mobile/layer.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Fri, 19 Mar 2021 17:46:56 GMT
etag: W/"0a886dae71cd71:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IkudUOnuYjmaqC1YoBxwMpBzwgnS%2BlRmEa33Klv2qVcNmaNoVdbGSUjrI02O%2BO0i%2FSghlAwuTTmwYnSkGgwB578CDKs%2BrGYn1E4OB2ouuNCPAe5yyYmh%2BDYjDDfpZiikAhDHoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a21c1356c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

global.akating.com/images/e7324f65a97f479eae35dea57525995b.jpg

104.21.11.35

200 OK

166 kB

URL GET HTTP/3
global.akating.com/images/e7324f65a97f479eae35dea57525995b.jpg
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.7 (Windows), datetime=2023:10:29 15:20:47], baseline, precision 8, 1900x600, components 3
Size
166 kB (165578 bytes)
Hash
93ed4410afe4d281d98ed1fe5f887098
12bee450a2725f1a0441fc8b4c4b80c4d34f7140
736a26f8c9508e3d094d96999cab2845e0389abd9bce3cfd194cfa50dad3727e

HTTP Headers

GET /images/e7324f65a97f479eae35dea57525995b.jpg HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:25 GMT
content-type: image/jpeg
content-length: 165578
last-modified: Tue, 28 Nov 2023 21:41:01 GMT
etag: "46d99f944322da1:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5625
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ri%2BIt3OEL61U0Gb9JFRhzfwheUqQWS3j3O6jVz%2B%2FGTJEX8HmKAnnYstZ%2B64yYz4NBEgOyhScftE2rpKjeKv5AgbWLG%2FoHvWJ7Ka5HjwRTXbY%2B4Ua7OFd48oP%2F2vhlEwmRNwgYjI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977c6ecea5694-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/rose/07b6e3s5debve63c9e9.jpg

188.114.97.1

200 OK

728 kB

URL GET HTTP/3
www.rosequake.com/images/rose/07b6e3s5debve63c9e9.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x600, components 3
Size
728 kB (728405 bytes)
Hash
07b6e375a5deb69b6d1aa3be7e63c9e9
4c7993ef917884ffb1f9ecc77b29f12501e6fdcf
bf5f7ca6102bc3c0668bc498a3854136a36d9301bc8a1b7162c386ec04c7f09f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/rose/07b6e3s5debve63c9e9.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: image/jpeg
content-length: 728405
last-modified: Tue, 10 Oct 2023 19:39:16 GMT
etag: "537b5874b1fbd91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5627
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0sExSOtL13D6R%2FYUQi2xErX36QBcY28tmLqazF5X2yPvcLLH9sZbatUdVyVgV5qcdWQmwpkBPV2iBtcjgjZ5I8xE%2Bi9y7a4it3yfT1kivYFjwSvLCa8BefQbv0tqG7jJINiFww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977e85d2956c4-OSL
alt-svc: h3=":443"; ma=86400

we.chatsoftly.com/agents/images/cbdshop/agent_offline.png

172.67.194.34

200 OK

4.5 kB

URL GET HTTP/3
we.chatsoftly.com/agents/images/cbdshop/agent_offline.png
IP
172.67.194.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerLet's Encrypt
Subjectchatsoftly.com
FingerprintB5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5
ValidityWed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
4.5 kB (4458 bytes)
Hash
f31b27f2dd78d85a52e0588a7e7698ec
a601d2b2098b159d3ebe1508ff87b76131a691d6
585a9c155c15c0ba3be761b5ea54fa8fa897e888ad1d415edacf1792d7ee2c54

HTTP Headers

GET /agents/images/cbdshop/agent_offline.png HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: image/png
content-length: 4458
last-modified: Wed, 14 Apr 2021 15:07:35 GMT
etag: "54f5cbe63f31d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5630
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0Mt1PzV8EZw4MN1SkTGxtJ4K5OSA1WZlWm6q8gOkLu%2FVqIfAajZIhEXpEN8LHWNeA35aqLOf5cZHYLdNlBDSvROi5ULMx94A5Q9bPnFt5psyI%2FXSduRYlcARbOUEJqyLwlZXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977ea9edfb523-OSL
alt-svc: h3=":443"; ma=86400

we.chatsoftly.com/spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0

172.67.194.34

200 OK

6.0 kB

URL GET HTTP/3
we.chatsoftly.com/spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0
IP
172.67.194.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerLet's Encrypt
Subjectchatsoftly.com
FingerprintB5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5
ValidityWed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT

File type
Unicode text, UTF-8 text, with very long lines (2820), with no line terminators
Size
6.0 kB (6026 bytes)
Hash
6c3948ad373d8ae7a243a0e281a54ba4
5dbac628298993c2842f8cbe0af10dabd9eae976
47f52bbc5d89e0fd25786a55e8bfb2907e72afaa00a0ae8f69dc8da30ff324b9

HTTP Headers

GET /spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0 HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: text/javascript; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=01qtkumfm55vfepnykbebpgj; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hypFUHblujVM1MvOD5xbo14kvN4wL%2FfXg1tnPqAEgksBMGmuwTxN0tg9WXQAqk81%2FsviO86%2BcX%2FupnU7jsGf6F9jkhb4lZTvDA6RGO4nX9vI4anuK90L2jctYNNTTUliPrQTkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977e8ec94b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/rose/07b6e3s5debve63c0.jpg

188.114.97.1

200 OK

222 kB

URL GET HTTP/3
www.rosequake.com/images/rose/07b6e3s5debve63c0.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2023:10:11 03:50:16], progressive, precision 8, 1900x600, components 3
Size
222 kB (222417 bytes)
Hash
fdc2b3b7d952a2bc8e01d3986045ca81
36836d21cf2e5a58df6a99cbc48e2d076914a47c
2a921ee0e9fb9e05f8d29612835cfc1aa4f28dc7f96c15ce9799d4ac84fff7b8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/rose/07b6e3s5debve63c0.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:31 GMT
content-type: image/jpeg
content-length: 222417
last-modified: Tue, 10 Oct 2023 19:50:17 GMT
etag: "27495bfeb2fbd91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5624
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2Fz05zKKqT7lZeCmHPxq5EDHWOeJD%2F4ZJf4s14Rmxwq1KJ%2FN4dfJgObpEUzcvUIavlUtOmVqQUgJb4D08m6Ot5rCY0j8RH2dWyJ0qf3PlODsJTGKmMkwADpDKHKQo72YlHL1zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977f04d5356c4-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/Images/blank.gif

188.114.97.1

200 OK

123 B

URL GET HTTP/3
www.rosequake.com/Images/blank.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
GIF image data, version 89a, 75 x 75
Size
123 B (123 bytes)
Hash
aeaad81449b30b1cfa2844c54ef496ee
2d735dd13b9faa084b4ac2778e7f0959e664dca3
52d0dbe6ba1d11ebc403a5ee2d98b707b61f48516ee2c2cf6187ace9191ae1a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Images/blank.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/gif
content-length: 123
last-modified: Wed, 13 May 2015 02:06:04 GMT
etag: "d162215e218dd01:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5622
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOCAyPLv8e2%2BThI7kV30bP2Bzd%2BVsg6cQ%2F4AC7g4T8FvDqAjk0ETzutInG6%2FOFHGXRYs%2FQxYKvsCUgTUUNzI7LEdIXtj%2BZrY24TD%2Bpdka5YOWVcR6thAJTHGR1TzRY74jvf%2BYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a31d5b56c4-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/assets/sass/style.css?v=cac22025232-20240427

188.114.97.1

200 OK

91 kB

URL GET HTTP/3
www.rosequake.com/static/assets/sass/style.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with CRLF line terminators
Size
91 kB (91399 bytes)
Hash
9ecdc5fe4c25c939533d5613a560b7b3
c432fd1eff96051da782463f392531d7e25f8f80
1c84f82609078a0639992c996a8b7c55f2d5b75508494cfa58deee2dbef06a21

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/assets/sass/style.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Wed, 27 Dec 2023 10:52:08 GMT
etag: W/"0fc93bcb238da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49nFCAo4OHgaJqEZv%2BhPQyicE4aR6Rat3H1UVka%2BVKNw5UzSESAZGCb%2BfD0kMjgiCgYCNyeqTglJGH%2Fu3%2BER8t5fGqKf2cIr7eKlTsbcvxwMIb%2BszE7k83QtgQEvch8gsgN0VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a16b1156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/css/shop-section.css?v=cac22025232-20240427

188.114.97.1

200 OK

20 kB

URL GET HTTP/3
www.rosequake.com/css/shop-section.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
20 kB (19907 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/shop-section.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Thu, 28 Dec 2023 19:18:46 GMT
etag: W/"06f9cadc239da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUUDFW3gViWYP1CSIUDJD4PST9AbIbQtx%2FgT1ils7RoDVo6Ay0P%2Fatnvxo2Nd2R%2FD021V%2BWabS5XWphAKoJ6GpQEo5mykmXFscEV70KFjDsn6OjuF4yNlhLrIXfSMah3lSfxcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a22c2456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/e7a0a7e798092ef2c5aa9d37afa9af98_100x.jpeg

104.19.235.103

200 OK

5.2 kB

URL GET HTTP/3
img.staticdj.com/e7a0a7e798092ef2c5aa9d37afa9af98_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.2 kB (5150 bytes)
Hash
e5ac08d5ca7814fda72e410b69e84e1a
c30663198c84e979d505aa405c42492cf58c8c5e
99d82ef5165f59fb83a8fe8fcd6e1bf6b36ecf8d3f372b7e491d81dc01f6d901

HTTP Headers

GET /e7a0a7e798092ef2c5aa9d37afa9af98_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 5150
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="e7a0a7e798092ef2c5aa9d37afa9af98.webp"
expires: Fri, 08 Mar 2024 06:35:35 GMT
request-id: 7c026fce-d467-4649-81f5-2803c1b12ad3
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 7c026fce-d467-4649-81f5-2803c1b12ad3
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:35:35 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ffOyB6DIwFwhekN4oRXREcLT1wYjBXyvjC6n2eR8yGOQtVx4NDRTJx6TJLBx4xvbsP7I%2BebVILeqLYrcy1kH1%2F%2Bwu4itVfTFiPMKHkHoAjA4fiS3v04Nbnj%2FUr2f2bG5w8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=21.000147
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b65e06b4f1-OSL
alt-svc: h3=":443"; ma=86400

global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac22025232-20240427

104.21.11.35

200 OK

48 kB

URL GET HTTP/2
global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac22025232-20240427
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
JavaScript source, ASCII text, with very long lines (326), with CRLF, LF line terminators
Size
48 kB (48043 bytes)
Hash
89081048f3bf7c9d5985d79e4976f359
50bb8dde91c4f95c98716d7d702617dbea18bbc7
811ec63ebf47f8ccdafdc6c39280dff6c51b980b2a94547a8b78a3e6cc0b853f

HTTP Headers

GET /files/js/chosen_v1.8.7/chosen.jquery.js?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Sat, 20 Jul 2019 16:38:39 GMT
etag: W/"80115e95193fd51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p7aL2X0vbMOAFWp8c8HdBxXGoyWDz6jkHkmotWskRHgmq%2BCbg1XevDPubxGDC7xDhUBzL6SQvp1d21%2FbtKAgrwIEGiTnN3k4v2QM1iQrjnu1rFecFxxRAUSiilvbnoPsOqzSkP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f13b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/da09e529a78d22acbc8323c13c5cc630_600x.png

104.19.235.103

200 OK

257 kB

URL GET HTTP/2
img.staticdj.com/da09e529a78d22acbc8323c13c5cc630_600x.png
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
257 kB (256606 bytes)
Hash
b7ad50615326bfbf25dc7aaacafb5490
87e0a38db1ce414fcd2136f765b8da96afe5d949
9fd89cd7a5812ee7dac86896bd9884be484c037cb1197fcdaf7bc164ce6fd07a

HTTP Headers

GET /da09e529a78d22acbc8323c13c5cc630_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 256606
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=459851
content-disposition: inline; filename="da09e529a78d22acbc8323c13c5cc630_600x.webp"
expires: Thu, 11 Apr 2024 23:12:43 GMT
request-id: f77d0d2d-e7d4-4c11-a66e-ceae06526476
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: f77d0d2d-e7d4-4c11-a66e-ceae06526476
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 22:12:43 GMT
cf-cache-status: HIT
age: 1072531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISoKqhSL1m27RWOOdQxNBw5ZBQ7aVt6TD4FL3lOJ17cVo3CSyqqE1Mc8j696orAw%2FH0aKGe%2B3jgt0XPrR0LuE4RZxbgXfvoy%2FSF7dvus%2BU7qOnxO%2BEcc1JsFGgei9ixUJWA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.999878
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44867b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/7dc7294d364026f639068e11fa703b18_600x.gif

104.19.235.103

200 OK

165 kB

URL GET HTTP/2
img.staticdj.com/7dc7294d364026f639068e11fa703b18_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
165 kB (165198 bytes)
Hash
7dc7294d364026f639068e11fa703b18
5f594b9ed1b55a61858fc96fbc224614fed0b42d
e2a7445b15a99a9ae4e87686a9f247a04d2e78da38f849fa9cec2646187549b0

HTTP Headers

GET /7dc7294d364026f639068e11fa703b18_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/gif
content-length: 165198
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: status=format_not_supported
request-id: a6c499b0-00d7-4780-b2b8-1598397d51cb
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Jan 2024 14:39:00 GMT
cf-cache-status: HIT
age: 4958775
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MhFPkxiL0nqsLYufYbctvVfDXLbzU9X7q7EPrcHuBie4GL7TRP61chkQ6kiCVw%2BfdXSxEmfGwD3uIrs5Qb2askexNd9g0xf%2FC2Lauq0NRXVo%2FWl99UJCYQ%2B81qwMklm3Gbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.999784
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44868b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/c0e7c8a730a4dd28ef807f72cb292f64_100x.jpeg

104.19.235.103

200 OK

4.9 kB

URL GET HTTP/3
img.staticdj.com/c0e7c8a730a4dd28ef807f72cb292f64_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.9 kB (4856 bytes)
Hash
a24b8f7ca9b2b2aa64f93a540efe9367
30e1c9048df38990b9d0dd4e63388d82d5a237ac
6cc5bcbbbda841e4d9d4aaa923c8f32bf7eb70d4a92a19238ea4be7c34f23e67

HTTP Headers

GET /c0e7c8a730a4dd28ef807f72cb292f64_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 4856
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="c0e7c8a730a4dd28ef807f72cb292f64.webp"
expires: Wed, 17 Apr 2024 19:50:42 GMT
request-id: c05305e7-01fa-49a4-80b1-a9b91b313251
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c05305e7-01fa-49a4-80b1-a9b91b313251
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 18:50:42 GMT
cf-cache-status: HIT
age: 142981
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GkdBAlC5x8g1VbDoIWj2rKbICBgiRzpx7IGnf%2BB%2F7pCu0kOxUqBKDRQkBe8v9t71C%2FLYSXWmACCy0HjQihDf2%2FeRsWTYLR4xAXmyJzfPYAm1d5Dnksg4Z4hrZ2X9cGH%2Be34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=22.000074
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b63dddb4f1-OSL
alt-svc: h3=":443"; ma=86400

global.akating.com/static/js/pixel2023.js?v=cac22025232-20240427

104.21.11.35

200 OK

15 kB

URL GET HTTP/2
global.akating.com/static/js/pixel2023.js?v=cac22025232-20240427
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type

Size
15 kB (14884 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/js/pixel2023.js?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Sat, 10 Feb 2024 17:00:24 GMT
etag: W/"495bf2a3425cda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2BOOGdtuDStBK%2BYqIQmClcEAKXxfL2iXRMktlG9pTI5iDgiMb8DoV%2BI8C6mGGeEF8nCJs8VLBvwbnTu%2B38xxB0ylfhyTxCAWZelWPV96cYToRoQl8N6%2FLmZh7ie61NFMLPanFzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f1fb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/632746d706da83e4fdc5052971513462_600x.jpg

104.19.235.103

200 OK

58 kB

URL GET HTTP/2
img.staticdj.com/632746d706da83e4fdc5052971513462_600x.jpg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
58 kB (58254 bytes)
Hash
c90e5d16403043deb84d1b8b24689b4c
76d24ed464c7437b70cb4aa415ea5a3e0024273b
3f1cf1e27f4478a0f2af432d725f4a6413d17fff2dce1a12e6a11010c91a914f

HTTP Headers

GET /632746d706da83e4fdc5052971513462_600x.jpg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 58254
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="632746d706da83e4fdc5052971513462.webp"
expires: Wed, 06 Mar 2024 23:44:02 GMT
request-id: ba400a9e-cdfb-4468-a707-8b6a473cfab2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: ba400a9e-cdfb-4468-a707-8b6a473cfab2
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:44:02 GMT
cf-cache-status: HIT
age: 142981
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PBMBZUBl6J36JOY4Xp5Ev8lCmyZjm4k%2Bk%2FvjCs5X%2FGl2TBnjTbEBty5OOce6NxJLm3JH68GI5WcfeNaxvkHRkCRVH%2B9lhHlkb%2FejemusyrObLvBwn5LKADNlFu4ulr5x%2Fcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.000044
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4385cb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_600x.gif

104.19.235.103

200 OK

152 kB

URL GET HTTP/2
img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
152 kB (151866 bytes)
Hash
2777d2f066ac9a81e5ab09d9b2be6561
0c19384068669134195e35dd8858e2a13e28a0ca
f21bc908138664cd6014fc302599665a19309c92f3dd85c43be7889a078e9a92

HTTP Headers

GET /de4fef1b05b5f0293d6da27bf9e0b08d_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 151866
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=443294
content-disposition: inline; filename="de4fef1b05b5f0293d6da27bf9e0b08d_600x.webp"
request-id: 6d404eb4-a304-40c2-9415-feeb99bc8540
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 19:32:12 GMT
cf-cache-status: HIT
age: 2463344
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LcjXBmB1Lo64uemuQiYXSoSQqp44kAs57OPgkxn7zBMqvOx0lgq79bePNdEMKXfkgx5nNVtCsJv2%2BtZF08m89H21mERCXT5TgNrC9sFA5lM2EHKcHjLjx0%2BvAAyhOsVLvbM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.999878
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a458a0b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/js/layer.mobile/need/layer.css?2.0

188.114.97.1

200 OK

5.3 kB

URL GET HTTP/3
www.rosequake.com/js/layer.mobile/need/layer.css?2.0
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (5260), with no line terminators
Size
5.3 kB (5260 bytes)
Hash
633915e62d14a714594b95b974ee0836
e11ebb64a70272c4f35b92fea064f27c4b87efad
eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/layer.mobile/need/layer.css?2.0 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: text/css
last-modified: Fri, 26 Aug 2016 09:35:36 GMT
etag: W/"cffb58337dffd11:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2eKQhIgmgWKle3%2Fg%2BOH0S3J5GdcR8SRp%2FH29EPlGoeUijuER5LC97Mwet8YJSBKdEFI7QwCMi4qJkqkWxRS%2B8t07gVrW9QE4Op8ehdsqx355pj6Vsq2Y8SOHtTkZhRNCRDmsJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977abbe6156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

global.akating.com/files/ExchangeRate.js?v=cac22025232-20240427

104.21.11.35

200 OK

11 kB

URL GET HTTP/2
global.akating.com/files/ExchangeRate.js?v=cac22025232-20240427
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
ASCII text, with very long lines (10593), with no line terminators
Size
11 kB (10593 bytes)
Hash
fc715516fb030cd6858f16981ad2650c
9dc67c87ac8e4933d978c9b11a57b61d0755c6a2
c17ded04681c173e9e34c83d8666542405c276bf078da5ec06adf12ac815bbe7

HTTP Headers

GET /files/ExchangeRate.js?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 20:40:27 GMT
etag: W/"f460c31e3b22da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FXlNeWBZ6IRD42Sk1TLPPyQRw02MnSKDL8ymdjm30zXLqZoksfjZ3MZqrqAeQfSHYwjKJDnc64e2Pk1AgMd0duiGR2fZnw8Hy65dAeeJEydZdzW81W6rqz7bz3p4Kchvk1GQ7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f1bb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac22025232-20240427

188.114.97.1

200 OK

17 kB

URL GET HTTP/3
www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (15422)
Size
17 kB (16801 bytes)
Hash
b82ec717898908396b42e0c1a61913aa
fc446948bfed0cb2907aed714f9a4babf4a246aa
f6414e82ba7213ea861cdc0c5bff7b72a82a5e1fd484ee456dc6d4f8e4e0d795

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:20 GMT
content-type: text/css
last-modified: Tue, 05 Apr 2022 13:25:12 GMT
etag: W/"0ec294f048d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2RmXjV5tSgNkzeqQYKy9k1PrEC3bIl17X7etpjq8XlTfkds3peFMl1L%2FA8ZfpPw0Xa5RenteQqpcZf%2F4c95oJOTe6MQckCU%2BYoL7vmF29A5D%2Bjyp8evEX3QO%2F8mOGt9TK9z1bA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a9fcb156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2

216.58.207.227

200 OK

8.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8504, version 1.0
Size
8.5 kB (8504 bytes)
Hash
88042d51a299f20ab0ddf917838fe403
a99a6d584385f86f84e893330f6ae158372b5d63
1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b

HTTP Headers

GET /s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 07:15:31 GMT
expires: Wed, 23 Apr 2025 07:15:31 GMT
cache-control: public, max-age=31536000
age: 308330
last-modified: Fri, 22 Mar 2024 00:00:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.staticdj.com/8a173242d6b06f7e37d207e9a52fabfe_100x.jpeg

104.19.235.103

200 OK

7.1 kB

URL GET HTTP/3
img.staticdj.com/8a173242d6b06f7e37d207e9a52fabfe_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.1 kB (7070 bytes)
Hash
843d4c52ee68e2a33c80d1f765aa9f8f
9dbdcdc3241892b89f0d2c9d15a3af3cd2cb818a
3aa500027d61aebc2c869077a3557c875fa2ce2d8b6e68d06bcfb40053fff457

HTTP Headers

GET /8a173242d6b06f7e37d207e9a52fabfe_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 7070
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="8a173242d6b06f7e37d207e9a52fabfe.webp"
expires: Wed, 06 Mar 2024 22:17:41 GMT
request-id: 5771b02e-9e4b-4d38-b5db-a5fa40cbd19b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5771b02e-9e4b-4d38-b5db-a5fa40cbd19b
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 21:17:41 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y25dOqOc%2B9wBUkilbcQnQCmROxQaezK3F6CoeyayRAD0KhjhTuUzPI2a0ZsujK5WsZ2siKL%2FhjvBHGCzFXrEUq5j3Hyk65ZB9riTOVZ6QxfG0P9DBzozT85SZvRYcjAocR4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.000189
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b6be70b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/91d1821d40edccaf51b4152aaa2f9700_600x.jpeg

104.19.235.103

200 OK

26 kB

URL GET HTTP/2
img.staticdj.com/91d1821d40edccaf51b4152aaa2f9700_600x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
26 kB (25536 bytes)
Hash
5464987d601b9a7d98debf39e0541816
808c496a338e30f1511ab043c57242314f4d1c1c
9666dbf0e6e11fa8dca6eae8a3af9d0340328fdcd6d557332e03c2b0220ef62a

HTTP Headers

GET /91d1821d40edccaf51b4152aaa2f9700_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 25536
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="91d1821d40edccaf51b4152aaa2f9700.webp"
expires: Wed, 06 Mar 2024 20:01:53 GMT
request-id: 63a8eb1d-fcd0-4526-99ce-6b2ff54f5cad
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 63a8eb1d-fcd0-4526-99ce-6b2ff54f5cad
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:01:53 GMT
cf-cache-status: HIT
age: 1072531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0E8LJW%2BTYWKuBb1hfT775%2Fb%2FYLPUsTpEAa9%2FfuE7uVHMoC5IBuohXXx11nv9PaEIgVTiWbD5orTb8OSTAaiMkTGzRgbA1wyO6XUpDwwlbly%2Fnfj0Py6DRYBljLw9mV1c2Ic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=33.999920
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a43860b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

we.chatsoftly.com/im_client/js/udeskApi.js

172.67.194.34

200 OK

122 kB

URL GET HTTP/3
we.chatsoftly.com/im_client/js/udeskApi.js
IP
172.67.194.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerLet's Encrypt
Subjectchatsoftly.com
FingerprintB5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5
ValidityWed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT

File type

Size
122 kB (122466 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /im_client/js/udeskApi.js HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: application/javascript
last-modified: Fri, 13 May 2022 16:02:26 GMT
etag: W/"095cfd6e266d81:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5631
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D5cWKqEErHcGvgrJlP4NhA0MfwXZ1GZPHmQl6xNF2rJCwr%2F0n4oMjsyS5S2WBEkDbBC6AS7L0fk7TlV2V3lfQ96pQZRjjscpRjq%2Fj1zV%2B%2Frns%2FgdFcDqFfYLLOmarZxt46gNuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977e87be2b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

global.akating.com/files/css/countryFlag_s.css?v=cac22025232-20240427

104.21.11.35

200 OK

25 kB

URL GET HTTP/2
global.akating.com/files/css/countryFlag_s.css?v=cac22025232-20240427
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type

Size
25 kB (25088 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /files/css/countryFlag_s.css?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sun, 03 Jul 2022 14:40:24 GMT
etag: W/"03c23d4ea8ed81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZDsv69GoQL2Uea8Rgr3Oue2ADlksaYCZfKYDcnmHFuEB79Zi0T5MtJc8EgGZYZceCc16vYyt5kAKQoU7zu62KcCNW2ywLkYbiJD3UJUe3TagSjm%2Bu0wzr7U7GGCH44bYl5M7Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f1eb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

global.akating.com/files/js/CBDCurrency.js?v=cac22025232-20240427

104.21.11.35

200 OK

44 kB

URL GET HTTP/2
global.akating.com/files/js/CBDCurrency.js?v=cac22025232-20240427
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type

Size
44 kB (43494 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /files/js/CBDCurrency.js?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Wed, 20 Dec 2023 13:12:33 GMT
etag: W/"4ecd3314633da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GN%2FyoQmU94Nyekfw5TPe7R30%2BBx%2BtSBraek5k01Q8iSIh0rPfdHBuvwP1O8I9cH9sDVEoY%2FYVnX3x5kIqGqiJEOoaYf4bj54BF7D8hBNxN%2B0JL0k3KKgpeM9s8DszoSXImTLq84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f18b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2

216.58.207.227

200 OK

8.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8596, version 1.0
Size
8.6 kB (8596 bytes)
Hash
858549c2cb50c37c733cfa191fdb07ea
50900cbabf4ae9e1e174162f091404e343585c65
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2

HTTP Headers

GET /s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 20:43:57 GMT
expires: Tue, 22 Apr 2025 20:43:57 GMT
cache-control: public, max-age=31536000
age: 346224
last-modified: Fri, 22 Mar 2024 00:00:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg

0.0.0.0

0 B

URL GET
nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.rosequake.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg HTTP/1.1
Host: nicesis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

we.chatsoftly.com/im_client/css/ui/emotion.css

172.67.194.34

200 OK

8.1 kB

URL GET HTTP/3
we.chatsoftly.com/im_client/css/ui/emotion.css
IP
172.67.194.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerLet's Encrypt
Subjectchatsoftly.com
FingerprintB5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5
ValidityWed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT

File type
ASCII text, with very long lines (8088), with no line terminators
Size
8.1 kB (8088 bytes)
Hash
0601a7fa15320d262c32d050937ab498
3ae94833f07968a04db7bcd6cbc4b4ea337dbaac
fb81e6ff71af364456416500277a0179fef4e3ca52d5d4aa0e3db0675ee61725

HTTP Headers

GET /im_client/css/ui/emotion.css HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: text/css
cf-bgj: minify
etag: W/"f655cfa28c5ed61:0"
last-modified: Mon, 20 Jul 2020 11:55:17 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5630
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bUSas5CghpHsa3qXSouPzsj0cMS253ZOSo3M95L9YeNWXJg7ketsI9JAsLY8pyv4I0q2xIxnQEB2v%2FtyuGR93fyp2HrUnoPb5G0te1HM4f3oBagfuYutglOWNrRqNX6QfxQURg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977ea8ed6b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.shopify.com/videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4

23.227.60.200

206 Partial Content

37 MB

URL GET HTTP/2
cdn.shopify.com/videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4
IP
23.227.60.200:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerLet's Encrypt
Subjectcdn.shopify.com
Fingerprint34:CE:56:3A:83:8F:D8:06:E6:52:5C:6D:DE:D5:CD:92:EE:F0:79:DF
ValidityTue, 05 Mar 2024 12:27:42 GMT - Mon, 03 Jun 2024 12:27:41 GMT

File type

Size
37 MB (37328679 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: video/mp4
content-length: 37328679
access-control-allow-origin: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 5a3f9918-08eb-4bc1-aa0c-fb9e2fa7337a-1709764376
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Wed, 06 Mar 2024 22:32:57 GMT
cf-cache-status: HIT
age: 710354
content-range: bytes 0-37328678/37328679
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8oKe%2F9eE%2F3aNV4A8SQpLsRJaLKQjZlbbSkIC5ar7bT21vq3GJKoj%2B9i8QDqA5E1gilKCiYcLCXlj1mbw%2FIhMhQD4C6ZMVEe5hQPnrM68O3yBOe38Wdh0Ag0N%2BPhHXylkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=469.952, imageryFetch;dur=436.675, cfRequestDuration;dur=21.999836
server: cloudflare
cf-ray: 87a977aeea5556bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/ajax/user_view_history.aspx?r=0.970198171219156

188.114.97.1

200 OK

0 B

URL GET HTTP/3
www.rosequake.com/ajax/user_view_history.aspx?r=0.970198171219156
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/user_view_history.aspx?r=0.970198171219156 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: text/html
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVKuhhtsH8zQJ9gxdpxB2UvKX4STQP%2BqHSLqu6dGr2hRJKGS7NePnW0FPDPXxxn1AIq0PoFR49EvFXLvASeuBTb1E%2BOczQg19OlG62xXDjJNqiJtWRuIpnitSW0v%2BfH0%2FviKhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b39e7c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac22025232-20240427

188.114.97.1

200 OK

5.5 kB

URL GET HTTP/3
www.rosequake.com/static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (5584), with no line terminators
Size
5.5 kB (5485 bytes)
Hash
fc637ca4d985f346ff994151a22fe36d
563c972a25d1b3333b8773356df193a70322ee3c
f2609521a0ca9b5559d7574376bf1083e8259d20313b86f81548d888021fa382

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2023 22:52:02 GMT
etag: W/"095b4dfde2da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qrRSvSUdqhPmortYmmyHxdYzTZw0hAj%2BHqfgNI7RHzKfHa0OfPufpw60R7pc5I3TdlmH9HMXa%2FkaLAGc6KculL%2FH%2Frj6B0%2BraTiYcKGWxuataNM%2Fq9i5ldDKGUWHRVYfLL3hjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23c4c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/js/shop-section.js?v=cac22025232-20240427

188.114.97.1

200 OK

6.2 kB

URL GET HTTP/3
www.rosequake.com/js/shop-section.js?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (6664), with no line terminators
Size
6.2 kB (6245 bytes)
Hash
30646f583611251216ba6744265c3b53
3ebf48e6c5d758c2848df18970f2a914cb01f624
7ed4c532b51119ff2c8dc8ffdd31036a1d300070bf16c9abca3816ba5a56157c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/shop-section.js?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: application/javascript
last-modified: Sun, 17 Dec 2023 19:47:57 GMT
etag: W/"8094beee2131da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=638V%2FyuZf35dJx87%2FCpVmnSsn67DjZkEhxogZHfIVetEPIPktx1YkHDkyjNpTo8be0NLy%2FDVQS12PFOTZJSxaDaoBMgQHs3sxgCRsaAZ7j06RKRSC4nIGzbi62CG7kGaqX9fUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a24c5a56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

188.114.97.1

200 OK

7.9 kB

URL GET HTTP/3
www.rosequake.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JavaScript source, ASCII text, with very long lines (7897), with no line terminators
Size
7.9 kB (7897 bytes)
Hash
aa1e55b5d6a9c490a11a59e98ee31b21
430a6899278bd61fbc4130085f1015d5570f3325
ed4bd5e7c52e1753e9af40b9fa313cdac30ed6caf041c9f8c6c45a71b22d142b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:21 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ELqaWZxFC6SSiMJOR4C0%2FM3K%2Bqxo3rw4DOutMoLHNbT7j0JDO6%2FWEqx5JkSSe1%2Fg73VX9jdptT0Zw2v1JO28faMrseJBFLLfe2SuAzqPy1y8HBGVsMlPUDg8yThwNDHrVzVvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977b09bd956c4-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/8307b2cbbae637fbb0ec9875f97cd77a_100x.jpeg

104.19.235.103

200 OK

4.6 kB

URL GET HTTP/3
img.staticdj.com/8307b2cbbae637fbb0ec9875f97cd77a_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.6 kB (4614 bytes)
Hash
c1ad399fbe0d6deefaf527512761101d
17ef3e81913b00955285125c15703712a59f5f5f
fce729ffd412787adabd423740ebeeb7ed97bcc5139a84b3c8c569e296bd8748

HTTP Headers

GET /8307b2cbbae637fbb0ec9875f97cd77a_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 4614
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="8307b2cbbae637fbb0ec9875f97cd77a.webp"
expires: Wed, 06 Mar 2024 23:34:20 GMT
request-id: 651c5c8f-fab6-4b6f-9af9-ca535576ed27
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 651c5c8f-fab6-4b6f-9af9-ca535576ed27
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:34:20 GMT
cf-cache-status: HIT
age: 1328496
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FKvoZq6fdj7dQPNbxKOmzrqp5UtT%2FIKxAFCpwe6b8r4RuXg2rRSYuNVsRw2CVVWomTS5tB%2FRgRbt4UWYEE3GrHlFBGw3BYGb6aM%2FZd5szaW32K55hpfV2uBvJlUFCE%2BRYw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=26.000023
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b64de4b4f1-OSL
alt-svc: h3=":443"; ma=86400

we.chatsoftly.com/agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1

172.67.194.34

200 OK

36 B

URL GET HTTP/3
we.chatsoftly.com/agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1
IP
172.67.194.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerLet's Encrypt
Subjectchatsoftly.com
FingerprintB5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5
ValidityWed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT

File type
ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
d374e3ed72f03844f3959862df57f07b
12cc12837b6d4c3a79e2bc67bb2e4c3c658d8ee0
c4be6cfb6dd452476fbd6379d0dc0e413170c8307742142f76038077d705f6f2

HTTP Headers

GET /agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1 HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: text/javascript; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=opvieuxy3o00jp2ya3y10zm5; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yOC58Q0HF5wPLievh4vQy3ts32MkYIAS7Y0C0fis%2FlukBL%2FzOrs4nBoDK54Jq60adMOMz%2BF3WEH054Wi0peDvZ1qNfKU2NSwTNsmwo3qR08wn8jUaSC34%2FivhwXnIp22u0CRUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977eaaef5b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.rosequake.com/images/banner/ForHer.jpg

188.114.97.1

200 OK

16 kB

URL GET HTTP/3
www.rosequake.com/images/banner/ForHer.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JPEG image data, progressive, precision 8, 250x370, components 3
Size
16 kB (15810 bytes)
Hash
8781648f65a20f75389e7d4087a1f125
52fa3cd0a42e4817ca66784c6e221da3f812d862
fc7e4d8c9b6226b2c4036191a0e0b154903adfe269086ea2e958d303eb33768e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/banner/ForHer.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/jpeg
content-length: 15810
last-modified: Wed, 06 Dec 2023 18:14:06 GMT
etag: "8ce12807028da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDCSIRBVoeLcPR6xrwAgh1KtACg47%2FisYjzoEJiLZnFDxyqUjfzlUquVua06ziboRmiNPYuz4C4DmSJ9jgyvGGuX02ON13pUWAqnTpQuyX2OhJ2nuWoHizuPzMDVP5CByiESIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a31d5656c4-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/74fe3c239d3d8e2f1f3246717a5d9566_600x.gif

104.19.235.103

200 OK

40 kB

URL GET HTTP/2
img.staticdj.com/74fe3c239d3d8e2f1f3246717a5d9566_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
40 kB (39666 bytes)
Hash
a0fad190b47649578af4a67c5bf9a810
f524c161fea8f5097cfb57795303a9c290e5de3c
798cbb05bb969909c65178eaed836dcaca0f8edb5a4d60643c0c42c985a93658

HTTP Headers

GET /74fe3c239d3d8e2f1f3246717a5d9566_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 39666
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=297688
content-disposition: inline; filename="74fe3c239d3d8e2f1f3246717a5d9566_600x.webp"
request-id: cd09b5bc-e973-4cfa-b9ab-ed1600dd3a1e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Mar 2024 16:31:02 GMT
cf-cache-status: HIT
age: 2724901
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z00o9yslBNc%2Fh9IrVZC6ozBSVZNvgDeKPBAdacpwCQoMSH1h6Y3mR0na2iW%2BB4VkWNkgxz2%2BMjrjkBNwOIqh4j4HVkpVIQBAVpC2AfMbcvXF2X1mpcxMa2V4d0xiesfNusc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4589db4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/e4a8e7b7a3e1b362faf130557c5868ae_600x.gif

104.19.235.103

200 OK

67 kB

URL GET HTTP/2
img.staticdj.com/e4a8e7b7a3e1b362faf130557c5868ae_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
67 kB (66984 bytes)
Hash
822d70389c3ea912ba3af9d94bac9937
f4a52f67da2b210b2073b06617e230807180999f
62afefba3b77626681c2b25e87cd7411bb661fec04aa8a4d91e024954b278607

HTTP Headers

GET /e4a8e7b7a3e1b362faf130557c5868ae_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 66984
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=166102
content-disposition: inline; filename="e4a8e7b7a3e1b362faf130557c5868ae_600x.webp"
request-id: dbebcfda-d5f7-4745-80aa-5b968df514c7
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 23:14:08 GMT
cf-cache-status: HIT
age: 1072532
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FfYUTShhhPqmAIFOjhECvKLN6EZy4TFh2rexst2QDHYuspVUXjWUpWmfQL0BdhgvW%2F08GOpk%2FFs49Vsv6pNTmU9%2Fq6YvTbXAI0%2FRadlo%2BrVqmllnqlHfUYwnL3mCSyTKtpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.999878
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a43862b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

global.akating.com/files/js/chosen_v1.8.7/chosen.css?v=cac22025232-20240427

104.21.11.35

200 OK

12 kB

URL GET HTTP/2
global.akating.com/files/js/chosen_v1.8.7/chosen.css?v=cac22025232-20240427
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type
ASCII text
Size
12 kB (12210 bytes)
Hash
f9e4f602d90605d2dae0d32979c69029
d8c7700cbf92f6100c9aa5de69ac6d4390802ee7
89945fcb95372714ec719cfed9a0ad20f35bc6f0d1d471662dba38c6f46b0f75

HTTP Headers

GET /files/js/chosen_v1.8.7/chosen.css?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sat, 25 Jun 2022 10:07:28 GMT
etag: W/"0f0f95f7b88d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjlVNYeepLDwUEDqn%2F5icHox%2BlTL%2BAv7KFpkM5PgbEzD7X40WubcOuFZpiaUE96xfpkqcNJOL9XHfvQNmUMZjKTTcJaEwWllkBiD5%2FDWruxEPA%2BlhdfNHT1bLVykAXLdvDtct%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a23f14b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/a490a4aae32ab920c55ea29a95a3c93e_600x.jpg

104.19.235.103

200 OK

22 kB

URL GET HTTP/2
img.staticdj.com/a490a4aae32ab920c55ea29a95a3c93e_600x.jpg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
22 kB (21920 bytes)
Hash
85e43fa9eed31501d449149402e27c77
234edf7948507cdf44b09508900b289781e5f109
c94b828ebc167235cc6e2aa554f43970534139f2792a8cbb0b862ab435589b55

HTTP Headers

GET /a490a4aae32ab920c55ea29a95a3c93e_600x.jpg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 21920
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="a490a4aae32ab920c55ea29a95a3c93e.webp"
expires: Wed, 06 Mar 2024 21:09:36 GMT
request-id: daa19743-3de5-4531-ae5d-1c08cfcf6880
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: daa19743-3de5-4531-ae5d-1c08cfcf6880
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:36 GMT
cf-cache-status: HIT
age: 1328495
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fuPMkA4q118GhYS0aPFl539Wxhr7jumatC53llp%2BdtpmraorG4ujfUwObvvgQgFdxcqh17P4fzU%2FLpWjV2%2BqL1L4%2FqrkCuSzfV6ecKvFU1z%2FyzDe2pSZ0ichl19gAdP6ZhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4589eb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/images/banner/Lubes.jpg

188.114.97.1

200 OK

26 kB

URL GET HTTP/3
www.rosequake.com/images/banner/Lubes.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=250], progressive, precision 8, 250x370, components 3
Size
26 kB (26501 bytes)
Hash
a9b60d0957a594aef6c5308ee1a7e7a3
7e8cf1b57078bd4a4ea67f9d6c9d6e6e71eab8c7
27850d7149f91cb4d4ddc03826a99af23ad2d111023d3cf6627f4c652a035d63

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/banner/Lubes.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/jpeg
content-length: 26501
last-modified: Wed, 06 Dec 2023 18:28:52 GMT
etag: "22fd64107228da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5623
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxV3Q%2BIugWUWA5fLPGktTImJgM2mCGaECgXkKg55EG06H5AouX0p1x9jGdKbHZTq1zUqr8eoS23oVEcqYO1TwclcRxWxUuJcophTsnqiGufo91AoCd4wuhBzdJVoea%2By7Niqtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977a31d5956c4-OSL
alt-svc: h3=":443"; ma=86400

www.rosequake.com/static/extra.css?v=cac22025232-20240427

188.114.97.1

200 OK

650 B

URL GET HTTP/3
www.rosequake.com/static/extra.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (650), with no line terminators
Size
650 B (650 bytes)
Hash
c99be612fbce82182d83923efc718b6a
6ad887b258ec267c4bb6ce6e73b496cd825b37a6
437a0cfa54d982b2fe6090623a98b8084d4591565cf0104767e7ca42f35f3628

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/extra.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sat, 29 Jul 2023 10:11:15 GMT
etag: W/"e2944125c2d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r1pfFHaqCKiXDQ8eVtDJMRXxCzpJOsA6z%2FhsJ6X5s3UKrxACnrNMQm8NDp1POUe3IHUsrcLhI6imuLdehUxuM0Hs%2FNMPApES8%2FYYrOquZCdkoJbVm1ueLNIM5Svq1BQUoyfzPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a21c1e56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.fantaskycdn.com/827b999bb490bb551615f723ad42c609.png

104.18.21.211

200 OK

48 kB

URL GET HTTP/2
img.fantaskycdn.com/827b999bb490bb551615f723ad42c609.png
IP
104.18.21.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
48 kB (48354 bytes)
Hash
a77a437fff004d66111aa4e5d3ec78bf
6c78397103079d3cc58c5097b6a3ad1cb349f9e1
22d17248e9743be6da4f957f531503df1a875eb8091019718bcfd773099a8876

HTTP Headers

GET /827b999bb490bb551615f723ad42c609.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 48354
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=86396
content-disposition: inline; filename="827b999bb490bb551615f723ad42c609.webp"
request-id: 07a7dbd1-0805-4995-beed-13db4da529c0
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Apr 2024 22:54:57 GMT
cf-cache-status: HIT
age: 1328495
expires: Sun, 27 Apr 2025 02:54:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b3bd680b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/6e6e2cd33f91cf02e5e31579ecca8e84_600x.gif

104.19.235.103

200 OK

217 kB

URL GET HTTP/2
img.staticdj.com/6e6e2cd33f91cf02e5e31579ecca8e84_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
217 kB (217352 bytes)
Hash
12a0fd6e22a6e645491de99b467e12ba
14d46744882505a0f1e34bb6ec43281047609a11
f9594be2d42e92119f19ac737af442128044f03590681f65766d3e273c64a0d2

HTTP Headers

GET /6e6e2cd33f91cf02e5e31579ecca8e84_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 217352
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=796798
content-disposition: inline; filename="6e6e2cd33f91cf02e5e31579ecca8e84_600x.webp"
request-id: 57547f9d-379f-4cf0-a60f-fcea3e13d12b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Apr 2024 19:29:52 GMT
cf-cache-status: HIT
age: 1328494
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B0J%2BQ%2B5iFvRXZy9uH9ZYKLEcKb5CI1tf%2F%2B1vfc%2Bvo6begOVOXSTqyLH5Z5KISI8fMqGu%2F8%2FXSesXHomRawMcm5PFsPJVWrNogUqC5WAbQca9vIwqSE6HiZ0vIO8r1ThtBCY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=30.999899
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a43865b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/9d9dbd8ea6715a73d4d5cb2ce1725091_100x.jpeg

104.19.235.103

200 OK

1.2 kB

URL GET HTTP/3
img.staticdj.com/9d9dbd8ea6715a73d4d5cb2ce1725091_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.2 kB (1168 bytes)
Hash
1d17aa8bb93899e1ff114b3e6d7cb4f4
03fd77ee47933914aba1bc1372cb4df2f3302e9d
923d4264aa50ec355e4e7588c8c2b433e83cd800ea6fb7a45187572e7203196a

HTTP Headers

GET /9d9dbd8ea6715a73d4d5cb2ce1725091_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 1168
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="9d9dbd8ea6715a73d4d5cb2ce1725091.webp"
expires: Sat, 23 Mar 2024 09:48:21 GMT
request-id: 0fcdb0ae-b792-4518-b0ff-0be574989c20
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 0fcdb0ae-b792-4518-b0ff-0be574989c20
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 08:48:21 GMT
cf-cache-status: HIT
age: 735520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXiUkEo51zSIxoiUSitOHyxycCuXxpSB9Arr86Qjw3507T%2FPqIM6BXiYkUY70jrGxeUEwBC7s%2BxKBghIAVUULgInh73eyiLJfbCrbOHScry5cnzga2oUcq22nK0D6yNvlcU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=18.000126
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e14b4f1-OSL
alt-svc: h3=":443"; ma=86400

img.staticdj.com/cd50df597465f45ec895e23f7d2da4ac_600x.jpeg

104.19.235.103

200 OK

18 kB

URL GET HTTP/2
img.staticdj.com/cd50df597465f45ec895e23f7d2da4ac_600x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
18 kB (17734 bytes)
Hash
8ac0ba31169a084bebe857941ee19afa
39ed0296f1d595016860a14085a13a5e9c59565a
5cb1ecc53dca7ff47f6b1e054efb5725efb302b4542317e1d2136a978da0ce46

HTTP Headers

GET /cd50df597465f45ec895e23f7d2da4ac_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 17734
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="cd50df597465f45ec895e23f7d2da4ac.webp"
expires: Wed, 17 Apr 2024 21:36:32 GMT
request-id: c14b7537-eb26-4dfd-b32c-1784a96682a1
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c14b7537-eb26-4dfd-b32c-1784a96682a1
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 20:36:32 GMT
cf-cache-status: HIT
age: 52393
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=glGqUTCVbMg6k5DMBxiiWRCevUE8vsQuX%2B8zlrtKwGtCMAswqpf%2Fjlrs9DcVWpscfNQm6mYQ9vd%2BD6wb1qP13xnuxjpG%2B8DPXOcEidZoyay5wW5bBxQWZ2AucrhMBk7W4WA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a44866b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/css/country-flag.css?v=cac22025232-20240427

188.114.97.1

200 OK

29 kB

URL GET HTTP/3
www.rosequake.com/css/country-flag.css?v=cac22025232-20240427
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
29 kB (28734 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/country-flag.css?v=cac22025232-20240427 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Fri, 04 Aug 2023 21:08:05 GMT
etag: W/"80e8c4c217c7d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbJ6zfx%2B%2BDzQHN1Ib2trfohvTZ5ioUvPtpet1gbN%2BDRE%2B9B1MMb5H7ctG6%2BStbsP6HqHPOFwofkpi09c9yT5R%2FAjj7zrOtXDQ56Y6XGFoEy9ZPoXbryu5qsXtKBfFCFhmoh8kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a1bba656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/99cd1036993157257e24ef187691b54b_600x.gif

104.19.235.103

200 OK

134 kB

URL GET HTTP/2
img.staticdj.com/99cd1036993157257e24ef187691b54b_600x.gif
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
134 kB (134222 bytes)
Hash
2010a39646af76e3c478afa4e84d6aec
8f3628babd03ad9efa20a3f63945a26e37f4ac32
cca8f7d3fe8b4431ff1603a7e306f128d9c0d82b8a066b65a6f0cb3d14d6b010

HTTP Headers

GET /99cd1036993157257e24ef187691b54b_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 134222
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=333710
content-disposition: inline; filename="99cd1036993157257e24ef187691b54b_600x.webp"
request-id: da2ed250-afa9-4a7e-8047-2f35a3fd843a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:36:30 GMT
cf-cache-status: HIT
age: 710353
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3LSRcX3tLMvV%2Fe2enlV5V4q22nP0ydluuXF%2FoYMWXLwrCnNMdZT67Un6he4rvyXrMrO%2BZcp8pD2RqgnnU1o1HdjAkA67SsKVOjthoHO5NLLla5QkGuJdsSvtjaltMThRR4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=35.999775
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a45885b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

global.akating.com/files/css/CBDCurrency.css?v=cac22025232-20240427

104.21.11.35

200 OK

12 kB

URL GET HTTP/2
global.akating.com/files/css/CBDCurrency.css?v=cac22025232-20240427
IP
104.21.11.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectakating.com
FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT

File type

Size
12 kB (11892 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /files/css/CBDCurrency.css?v=cac22025232-20240427 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 14:39:28 GMT
etag: W/"09068c12beed91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6ls9wFS%2FSS0CMJ%2FAxx7OwcMVGcQXVKSaPx5CvGkBzktmN0T6Z3gEZ52vcOy5QcBcz2RHH1IMz%2B%2F6aHn7kbHmQavq6QFTqs3X%2FCcYTweOWD8UtgqMFQiF3%2FnwAg%2Bcs9tGEmk5j8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977a22f11b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/45e7cca5d661d046ffdadf61719de7f1_600x.png

104.19.235.103

200 OK

91 kB

URL GET HTTP/2
img.staticdj.com/45e7cca5d661d046ffdadf61719de7f1_600x.png
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
91 kB (91204 bytes)
Hash
89d1a07d57b4a15346840cf07fb457d7
a7680bbb10f0fde0102d4a2c68c7eb8b5cfc96aa
75d2b3f1d1e690e7ce0b1b7af3d361737522a2343a8fb56f72561d996ca98621

HTTP Headers

GET /45e7cca5d661d046ffdadf61719de7f1_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 91204
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=186954
content-disposition: inline; filename="45e7cca5d661d046ffdadf61719de7f1_600x.webp"
expires: Tue, 19 Mar 2024 16:00:20 GMT
request-id: 119ae4dc-511e-4420-b9a8-9ff669b3032d
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 119ae4dc-511e-4420-b9a8-9ff669b3032d
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Mar 2024 15:00:20 GMT
cf-cache-status: HIT
age: 2724900
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkRnzaqtMELCdQvad29%2By41BVqBhgC87Pswy2Us7iZhHNLd7EGonBILboNW%2BF1i%2BLHwZbYYMax4R%2Bckgg8%2FFAAttWQEYA1ItNmS9YwUBywxs8i2Aj%2FSK4JHVXG6gdpYRP%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=35.000086
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a43864b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.fantaskycdn.com/320c89a9b737fb5846663b47a6adb4e4_600x.png

104.18.21.211

200 OK

230 kB

URL GET HTTP/2
img.fantaskycdn.com/320c89a9b737fb5846663b47a6adb4e4_600x.png
IP
104.18.21.211:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfantaskycdn.com
Fingerprint72:FB:90:36:3F:60:4D:C3:71:A5:77:4E:63:A8:50:5B:B3:2D:0C:6E
ValidityThu, 25 Apr 2024 11:02:19 GMT - Wed, 24 Jul 2024 11:02:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
230 kB (229610 bytes)
Hash
82d3cd9af783dc2a08b87f5069922b8b
9b3c3cefc8677a2254ac01e1751256888ec15275
dce44ec6dd6e2783bcf642d98f0c07d23c4f5ce7ef4a31de1f7216e90625e4b1

HTTP Headers

GET /320c89a9b737fb5846663b47a6adb4e4_600x.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 229610
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=537694
content-disposition: inline; filename="320c89a9b737fb5846663b47a6adb4e4_600x.webp"
expires: Sun, 27 Apr 2025 02:54:22 GMT
request-id: 3d381144-fe18-4443-8312-1e27d1060c06
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 3d381144-fe18-4443-8312-1e27d1060c06
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 11:54:05 GMT
cf-cache-status: HIT
age: 710348
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b3ed930b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.rosequake.com/

188.114.97.1

200 OK

516 kB

URL User Request GET HTTP/3
www.rosequake.com/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type

Size
516 kB (515609 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:18 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xOv760CZeef75XFSkfH6UO0ovvrbVQqq1NIm3CPswAUMKOKG7UClXOZIu195X%2BdGoWzVSu2dQp%2F3cpevITWsCaQa7eczLPiqD56nULN113bdm3b3mbfddLeZk7LMl5m4mbJrDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a9779c6dc856c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/7d4637f42da9f26b0e94393645ca4f3a_100x.jpeg

104.19.235.103

200 OK

2.8 kB

URL GET HTTP/3
img.staticdj.com/7d4637f42da9f26b0e94393645ca4f3a_100x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.8 kB (2780 bytes)
Hash
b8f3269a332fede9bb5f20b820297bb3
dce9378a49941c0a3406c312123779c87ee44f3d
7b90577cb4fa5037984994ace576984e96e26871816cb1663eae7a771923adbf

HTTP Headers

GET /7d4637f42da9f26b0e94393645ca4f3a_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:22 GMT
content-type: image/webp
content-length: 2780
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="7d4637f42da9f26b0e94393645ca4f3a.webp"
expires: Thu, 04 Apr 2024 20:19:31 GMT
request-id: acce577c-3680-4691-8d5f-34af43b5db59
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: acce577c-3680-4691-8d5f-34af43b5db59
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Apr 2024 19:19:31 GMT
cf-cache-status: HIT
age: 1072533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wDH53mOnvXAjVNRGPbatCdX3grwqq1rz6eYoz5xN09LIaaEQ3BzxgaFKK6jVTrGmnnH2%2Fhcm7TWn8LfQYaf42M4ee%2FBcZQYjsO3hw9LU0H92V48YyTVYZt4YVg3bvO9sAeI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=21.000147
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977b66e17b4f1-OSL
alt-svc: h3=":443"; ma=86400

we.chatsoftly.com//agents/images/cbdshop/agent_online.png

172.67.194.34

200 OK

4.8 kB

URL GET HTTP/3
we.chatsoftly.com//agents/images/cbdshop/agent_online.png
IP
172.67.194.34:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerLet's Encrypt
Subjectchatsoftly.com
FingerprintB5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5
ValidityWed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
4.8 kB (4789 bytes)
Hash
1bd1eae9e6e5cee493eb21aeddc18013
e9434fb85ae9d37d6b329fc0b642283d5a7c71c9
98e7b202b3afba0dd5a8363af68bac53edfe327ba1de2142790fbdf7df09cae0

HTTP Headers

GET //agents/images/cbdshop/agent_online.png HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:30 GMT
content-type: image/png
content-length: 4789
last-modified: Wed, 14 Apr 2021 15:08:32 GMT
etag: "9c29d084031d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2178
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0cLiLAupgqqPWE7JnDRx%2BWoqzTZ8pRsqTindRlwZR8GkH5V82OghZHw0QHCV2iZqwo99lZ3N71HbkUp0ZHQa7kAIcs4efps9X%2Bih5kYQB%2Bh%2FaY1Qkuww8NrCKj1iZFAgmKuYDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a977eb7ff6b523-OSL
alt-svc: h3=":443"; ma=86400

nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg

0.0.0.0

0 B

URL GET
nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.rosequake.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg HTTP/1.1
Host: nicesis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.rosequake.com/apis/ImConnectInfo.aspx?guid=

188.114.97.1

200 OK

931 B

URL GET HTTP/3
www.rosequake.com/apis/ImConnectInfo.aspx?guid=
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectrosequake.com
Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT

File type
ASCII text, with very long lines (1081), with no line terminators
Size
931 B (931 bytes)
Hash
801c6d92197312aeff0948c2f04b0386
6306875eb1f843ee163a7213737775a7c6b33729
a3c65164155019a10b8fed46bf1f5107a464e01b788f99c38592f8c640a15923

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /apis/ImConnectInfo.aspx?guid= HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: ASP.NET_SessionId=1veso10um0lwqni2o00ff3pw; _gcl_au=1.1.1780305057.1714164860; _ga_B1QS3P765Z=GS1.1.1714164861.1.0.1714164861.0.0.0; _ga=GA1.1.379596347.1714164862; cf_clearance=kbCUiwrgr269rrXfQfhT2.QA72LxwNcT_RGTVyI8PZk-1714164861-1.0.1.1-IUuCBYJG.SHnX3ZpoOA4LNplNS2TjQnYKA2dG2IgHVKRUxUTJhzUEMKsgAEL8hgn7cK8R1I.BdEYxFrGMYLejA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:54:25 GMT
content-type: application/json; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLrcfvZ0sLjWmZjxPLr7V9SlgUvxVRjQqRBd0ah5TFCXpl1jkSmNXJMsK3tzvAn7x7UN0sMAAE2hgGsu4BdZqNm1HHGPXUAR4MR8AN73hPMeoyoV%2FAJieIA%2B6zWlpQXQQejJIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a977c6ea3a56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.staticdj.com/bb3de54fb37fda938bcc812e9deb7652_600x.jpeg

104.19.235.103

200 OK

34 kB

URL GET HTTP/2
img.staticdj.com/bb3de54fb37fda938bcc812e9deb7652_600x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
34 kB (34478 bytes)
Hash
374cde4a27f801ecf7e81024b92831a9
281794ccf7e3a8a7ca17005db32c1bd8cd432a16
e8201fabdd7291a3e2ae665bbca7ed0f68c1d631f5c9d9767b8a969f616bcc5b

HTTP Headers

GET /bb3de54fb37fda938bcc812e9deb7652_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 34478
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="bb3de54fb37fda938bcc812e9deb7652.webp"
expires: Wed, 06 Mar 2024 23:38:43 GMT
request-id: b68a624f-b866-4bad-8b0e-b37a05413959
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: b68a624f-b866-4bad-8b0e-b37a05413959
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:38:43 GMT
cf-cache-status: HIT
age: 735518
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BxUuOUFJcpA2d0CfbJdmpdRdXAC9I8ZId5V3ibqSes4m8OI6E1lag33sUkZvnPmSSFgvlEHvom%2FNEn0SVla5K3Prz4iPUr1Q6g9KhHvoKyCQTzo%2FoHv%2FKH%2BO0sVpbkfwnSU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=35.000086
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a4385fb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.staticdj.com/a5313bbad0070d448d3e578dc6b0d156_600x.jpeg

104.19.235.103

200 OK

31 kB

URL GET HTTP/2
img.staticdj.com/a5313bbad0070d448d3e578dc6b0d156_600x.jpeg
IP
104.19.235.103:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.rosequake.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
31 kB (31200 bytes)
Hash
9d77ef9cfe6a98a61310d134ede0a24f
562cd04b240d6670be9c2a7f3b7ad67384940a08
2ae4bb88c98b7f9d1249775a98d79b5fce7bf2d4addf09297d73363187a04cb6

HTTP Headers

GET /a5313bbad0070d448d3e578dc6b0d156_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:54:19 GMT
content-type: image/webp
content-length: 31200
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="a5313bbad0070d448d3e578dc6b0d156.webp"
expires: Thu, 18 Apr 2024 09:33:48 GMT
request-id: 4c33e91b-5a4c-40db-b7d3-1cc6b32b504e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4c33e91b-5a4c-40db-b7d3-1cc6b32b504e
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 08:33:48 GMT
cf-cache-status: HIT
age: 735517
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pC5AF0IoZt24QkHMJQ6hbs0BNqEVBjgooR%2B31ILkJ%2FK90ZrBlxm2%2Bvla%2Fox8Yd2JKL4zkkUDn8mINEYZK0T8E25r2ukhBzVtYfX%2F%2FtwCzuE%2BrxxReZFC62tter8PAgb8LWE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=20.999908
access-control-allow-origin: *
server: cloudflare
cf-ray: 87a977a458a3b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML