| www.rosequake.com/images/RoseQuake.png | 188.114.97.1 | 200 OK | 114 kB |
URL: GET HTTP/3 www.rosequake.com/images/RoseQuake.png | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: PNG image data, 540 x 410, 8-bit/color RGBA, non-interlaced | Size: 114 kB (113985 bytes) | Hash: b997cd9eaa87e5814d06814c9b8dff7a 20769ae44e304fde943d84b3cbc8c6137630a6ec 75a534c6e3aacab57d49bc39fe6abc0f96b6e71461da7c9337e7d9b49967d916
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/RoseQuake.png HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/png
content-length: 113985
last-modified: Sat, 07 Oct 2023 23:46:41 GMT
etag: "b2b35f8578f9d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MZoH7RBTrS1Qbp8oee1c5qcfF9L0lBx2vJ1MS46NW3Vknw4%2FXicfp0ctAUEfsIhHjK6Txyc6yHNtqMu3uv9emA9x%2FUQc6VYK1jFNk8EUxGBHSq8GQW1itS3Rv7tpSJxOyuubhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d8060c2156a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/banner/ForHim.jpg | 188.114.97.1 | 200 OK | 16 kB |
URL: GET HTTP/3 www.rosequake.com/images/banner/ForHim.jpg | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JPEG image data, progressive, precision 8, 250x370, components 3 | Hash: 0bcb0688e586ccd6e854a96e1a6d3735 fab6cdd1c8a300cca54be5949e81be0f7a8d1240 ec731030ef100326fa916f2d77806ff11285cd9568ae227c160b207709ff5f4e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/banner/ForHim.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/jpeg
content-length: 16225
last-modified: Wed, 06 Dec 2023 18:13:34 GMT
etag: "b6d238ed6f28da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0k07AKwNxcwVVwqw%2BdE5fGztiDzGwZ4baCJw7ErEvWNE6vTz3FyuOYOjiDkcPVrr%2FIWETIZ0v791V%2FJutPb9aOnOEq7sStPqKcht%2FDbRZV%2FFGG%2BIPlzDx2rwVx6udUiEylkwLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d8060c2356a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/banner/ForHer.jpg | 188.114.97.1 | 200 OK | 16 kB |
URL: GET HTTP/3 www.rosequake.com/images/banner/ForHer.jpg | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JPEG image data, progressive, precision 8, 250x370, components 3 | Hash: 8781648f65a20f75389e7d4087a1f125 52fa3cd0a42e4817ca66784c6e221da3f812d862 fc7e4d8c9b6226b2c4036191a0e0b154903adfe269086ea2e958d303eb33768e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/banner/ForHer.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/jpeg
content-length: 15810
last-modified: Wed, 06 Dec 2023 18:14:06 GMT
etag: "8ce12807028da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pkiEPkLwCZ1jXR6QfckhAz8w7aFNg0M3ytfKwK4B5XYXJdBQp02ThTOWDASU1LKuPhYSHj5pUfHIcp%2FlN2lJr%2F5%2F%2Bn0H%2FeI1fQGhxv5RdEzmARcSxVdXZuWQtAogPNLKPYDfTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d8060c2456a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/banner/Couple.jpg | 188.114.97.1 | 200 OK | 16 kB |
URL: GET HTTP/3 www.rosequake.com/images/banner/Couple.jpg | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JPEG image data, progressive, precision 8, 250x370, components 3 | Hash: ec033fa43120a42803c965454f25ddea 6d4779f8b929123af1a8984271093b3c3e43a091 f4de491f8f691d2554bbbfb1aa7fd479aa50fdcb133486889cfe4776f57e54df
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/banner/Couple.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/jpeg
content-length: 16499
last-modified: Wed, 06 Dec 2023 18:14:19 GMT
etag: "6e7f1387028da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dieiRZA0LBWDlE0cYki0xsORs0ROAwoEyZ2I%2BXku76eR8Qe3oggce%2BbIwBqDYxhdSRQPWM8qGIZQa8gVJLNkl8QrlOK42os%2BDmVuJPBZQ3cszTPpgy26AiSl2UjO0VTqtLMZAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d8060c2556a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/banner/Lubes.jpg | 188.114.97.1 | 200 OK | 26 kB |
URL: GET HTTP/3 www.rosequake.com/images/banner/Lubes.jpg | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=370, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=250], progressive, precision 8, 250x370, components 3 | Hash: a9b60d0957a594aef6c5308ee1a7e7a3 7e8cf1b57078bd4a4ea67f9d6c9d6e6e71eab8c7 27850d7149f91cb4d4ddc03826a99af23ad2d111023d3cf6627f4c652a035d63
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/banner/Lubes.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/jpeg
content-length: 26501
last-modified: Wed, 06 Dec 2023 18:28:52 GMT
etag: "22fd64107228da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJiDZoRbimPBfEsSbetBTOtkE4%2B10RqO3laAUxriq%2By1i%2B4Fcc7bUcnTCiaajplbeu3uwyz%2B%2Bf1kGyM7j0mCI1isU4kWw2pPBfOgS1%2B6Bll6uKuofr4O%2F2Tr3rvuqEE%2BlK3c3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d8060c2656a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/Images/blank.gif | 188.114.97.1 | 200 OK | 123 B |
URL: GET HTTP/3 www.rosequake.com/Images/blank.gif | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: GIF image data, version 89a, 75 x 75 | Hash: aeaad81449b30b1cfa2844c54ef496ee 2d735dd13b9faa084b4ac2778e7f0959e664dca3 52d0dbe6ba1d11ebc403a5ee2d98b707b61f48516ee2c2cf6187ace9191ae1a8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /Images/blank.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/gif
content-length: 123
last-modified: Wed, 13 May 2015 02:06:04 GMT
etag: "d162215e218dd01:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pyepZY4dO8%2B18hoUrKv4DHPlrnzRTcOwb7wSHYAsou6lUdNRvMUuHLNK9kA20RkIcE0u4QgKaRthjgNIjs0VttnBWcYkIHRvToWX5rvqT0E0%2FBAc7TBIeEDPY8Hen%2BosLy61LA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d8060c2756a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js | 104.17.25.14 | 200 OK | 36 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.min.js | IP: 104.17.25.14:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65278) | Hash: 1aba3b60641d8dc579dca329a28d74d8 1a54fa817a49108dfdf2e75ce2ae507f007ac2bd 6942f0873b6a7108e18a983b4192ad469011a8131317f88161d6f0917058da22
GET /ajax/libs/Swiper/11.0.5/swiper-bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 35885
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "655ecea0-8c2d"
last-modified: Thu, 23 Nov 2023 04:01:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 80212
expires: Mon, 14 Apr 2025 17:34:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vh6BXAbH9%2F4Nj8KWnsFsq2f%2B5FjpyyXmu%2BQMEs%2B4ivNDXhZ75ecPDfzus62JNGELngsGaqz57OKqGibNkGHo79u%2FutRFkOKfi%2FU4BL1rgLgUV6%2Bd4MshCgOjOPZShczWyKToS7hj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8797d8060fceb511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.css | 104.17.25.14 | 200 OK | 4.6 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/Swiper/11.0.5/swiper-bundle.css | IP: 104.17.25.14:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (2240) | Hash: dedb655afa22e72add3bc9f46bdbed8c da69cab8478bbc98bd3f8cd3a75b8ca99ea2ff31 587a037b9ee024fa8e83e1a90c05cc0dcc4359c47a93173ea657f25d0480129c
GET /ajax/libs/Swiper/11.0.5/swiper-bundle.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css; charset=utf-8
content-length: 4646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "655ecea0-1226"
last-modified: Thu, 23 Nov 2023 04:01:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3504948
expires: Mon, 14 Apr 2025 17:34:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iuLMMcP1%2FGwy5skPEHKy4LZvwNtWIhzV78ao1TRCMg4HwI9aP2inc1nSQu8xxFB4va6lvkE4%2Bv%2F8TBw7Uv6gIKnWUiElwBgMj%2F5kh%2B%2FWn4r4oMTeIw1mjrPrduyUsQjjKUAIoHSB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8797d8061fd1b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=AW-11401501348 | 142.250.74.40 | 200 OK | 88 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-11401501348 | IP: 142.250.74.40:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB | Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (4179) | Hash: d175decc631a01e419a23c3e64e5b268 6d75b8086e73937b3774c92fc4ce82c214a62831 086227d55fe2b59cd8289c92d0fdf55888c137da7bf238a26b8f56f3f867a717
GET /gtag/js?id=AW-11401501348 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 17:34:23 GMT
expires: Wed, 24 Apr 2024 17:34:23 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 16:37:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88445
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z | 142.250.74.40 | 200 OK | 100 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z | IP: 142.250.74.40:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB | Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945) | Size: 100 kB (100538 bytes) | Hash: 985d83c98a182d3caba1c1f7167fb174 49a904bdf80860f8832edaf5a4cdb3ae2fbb380a c224d59672e2d0b70eae4418d800a49c83cca25c0cbcfb2f73d6c295a017c975
GET /gtag/js?id=G-B1QS3P765Z HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 17:34:23 GMT
expires: Wed, 24 Apr 2024 17:34:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100538
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/cd50df597465f45ec895e23f7d2da4ac_600x.jpeg | 104.19.235.103 | 200 OK | 18 kB |
URL: GET HTTP/2 img.staticdj.com/cd50df597465f45ec895e23f7d2da4ac_600x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 8ac0ba31169a084bebe857941ee19afa 39ed0296f1d595016860a14085a13a5e9c59565a 5cb1ecc53dca7ff47f6b1e054efb5725efb302b4542317e1d2136a978da0ce46
GET /cd50df597465f45ec895e23f7d2da4ac_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 17734
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="cd50df597465f45ec895e23f7d2da4ac.webp"
expires: Wed, 17 Apr 2024 21:36:32 GMT
request-id: c14b7537-eb26-4dfd-b32c-1784a96682a1
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c14b7537-eb26-4dfd-b32c-1784a96682a1
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 20:36:32 GMT
cf-cache-status: HIT
age: 550722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2Bgh52rP8Q4JDArk5wBKo1A%2BfvB2EPqsfmDcU5snvzt6Bw3w8bzBvbWtaaLBUaJYN0mVfoCfsy%2BNUe3jt8xwSmDVjp4g8Iap%2FdXHKKYDJk6IUgSsn4DtXjEp9y2UgpmhNxI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.000095
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8075ad5569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/6e6e2cd33f91cf02e5e31579ecca8e84_600x.gif | 104.19.235.103 | 200 OK | 217 kB |
URL: GET HTTP/2 img.staticdj.com/6e6e2cd33f91cf02e5e31579ecca8e84_600x.gif | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Size: 217 kB (217352 bytes) | Hash: 12a0fd6e22a6e645491de99b467e12ba 14d46744882505a0f1e34bb6ec43281047609a11 f9594be2d42e92119f19ac737af442128044f03590681f65766d3e273c64a0d2
GET /6e6e2cd33f91cf02e5e31579ecca8e84_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 217352
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=796798
content-disposition: inline; filename="6e6e2cd33f91cf02e5e31579ecca8e84_600x.webp"
request-id: 57547f9d-379f-4cf0-a60f-fcea3e13d12b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Apr 2024 19:29:52 GMT
cf-cache-status: HIT
age: 1143698
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owngMao9htTZlnrFA%2BH8VHx2852x8WAzLL9FnQd9zV2irpyywCgLC%2FgDaT9fuOeciWWTpK0gO28E85acgrieILAVz1kFWa5trV916Muu7qQ0yfytmV%2FudT5WoNds%2FYz%2B2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8075ad4569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/assets/sass/sidebar/sidebar.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 26 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/sidebar/sidebar.css?v=cac22025232-20240425 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (41614), with no line terminators | Hash: 30514b5eb429ab4f3e8b766d6c6ac06c a5c42cda1bb44a83c4fe9ca5221825ca1d0e53cb 31d5a65ed4f290361fa9f6431b3fda6ec771b90d0f7cc1403576637af527b9bb
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assets/sass/sidebar/sidebar.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7m%2Bu79VpyUTndmyoAkAkdHPlMjsM3iLZ%2FwIblHXNiHqi%2B%2FgldzpAj7rhknJIw743jkGX%2BQml7ZXymGQdflsfwMRfvJ64r%2FUPkoZdc7QQfn4fZGQCP6WCEwQER5bvJFynwsWLVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8058b4b56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/8934b67cc260820841e7be002b01cd49_600x.png | 104.19.235.103 | 200 OK | 74 kB |
URL: GET HTTP/2 img.staticdj.com/8934b67cc260820841e7be002b01cd49_600x.png | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: c7570af852efb7133595f308a6872439 af2ce68b2810dd3cf0a23353dbc9eb98590e548b aea29da31a42756938af836c3b07607b8c0312d954c29d8408c6fa4b6047f747
GET /8934b67cc260820841e7be002b01cd49_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 73656
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=148581
content-disposition: inline; filename="8934b67cc260820841e7be002b01cd49_600x.webp"
expires: Wed, 03 Apr 2024 19:59:54 GMT
request-id: 125d14c5-15d3-4843-b8c2-4b0325a3f4e5
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 125d14c5-15d3-4843-b8c2-4b0325a3f4e5
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Apr 2024 18:59:54 GMT
cf-cache-status: HIT
age: 1143698
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ja7P%2BhqJVu6F0QlzopsV19%2FhCbHCwpHziP6I%2Bb12VUUlfIxUMxAIkgxgu7eg5M0GvBq37iy5Xm%2BF2MUfoPDx558VHCqQ%2FrAyHI3uOpq8OQy4z56fjZbvR%2FlslxjOsfyAAXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8075adb569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 46 kB |
URL: GET HTTP/3 www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240425 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (1418), with CRLF line terminators | Hash: 2e1858a92856a89908a456f977b96051 c9aa6018b21ba84a69e69159f75d73b41354d3ad f07cf5076ef90427551f5f5242ce673107a05737e875e9bd845628de102713d6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/CBDStyle.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Wed, 17 Apr 2024 11:40:57 GMT
etag: W/"80eaa91cbc90da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lze2KQ6chJoOcqlKH2DXw5MkQjuOG0dy65KNXiyQLTjGza4Abi54OPwGJn9sEL1KaEZbnQtmPT%2B7fK%2B8VEy6n4fLbLTCWxP3UnJmSQOYwGpzHbLfdNWNEmmL9MUN5YMUdmbnrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8058b5956a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/assets/sass/base/animation/animation.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 21 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/base/animation/animation.css?v=cac22025232-20240425 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (588), with no line terminators | Hash: ae3be075920a0f6383941a562ca1d463 f69e0cf75305a350af184bfb68c8a76a4e04241b a9689c4c62542817e9915a50df62020a909a63b566cd09af80f42bd5d427b33d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/assets/sass/base/animation/animation.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJjW%2FiW1ygcPT1Uw75SziCwQY2hP7IGJkr68cpkJk5CAWYHRaO4jqkf3ImacDIlzpxkMioY1mnDXfTCYK9jATl0fxHLMdNEanokUoHlXxawvIS9attH8TbSEhCzzcWSiV3NQFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8058b4256a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/91d1821d40edccaf51b4152aaa2f9700_600x.jpeg | 104.19.235.103 | 200 OK | 26 kB |
URL: GET HTTP/2 img.staticdj.com/91d1821d40edccaf51b4152aaa2f9700_600x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 5464987d601b9a7d98debf39e0541816 808c496a338e30f1511ab043c57242314f4d1c1c 9666dbf0e6e11fa8dca6eae8a3af9d0340328fdcd6d557332e03c2b0220ef62a
GET /91d1821d40edccaf51b4152aaa2f9700_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 25536
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="91d1821d40edccaf51b4152aaa2f9700.webp"
expires: Wed, 06 Mar 2024 20:01:53 GMT
request-id: 63a8eb1d-fcd0-4526-99ce-6b2ff54f5cad
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 63a8eb1d-fcd0-4526-99ce-6b2ff54f5cad
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:01:53 GMT
cf-cache-status: HIT
age: 887735
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9XeGS0K1tqAGDEHG8yVMzGUUb2pAsvRIxFKi%2B6uc1r09davVWi7E8QLUQF0Ncs%2FrMplNpcVh5QZCgfDHqiyEYJtKCKZRBoy4H4Gu0F%2BE8Mx0SuXgrZco2L2FgmYUC%2Fv92Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=26.000023
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076af0569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/assets/sass/base/product/component-product.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 158 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/base/product/component-product.css?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: rosequake.com
  Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
  Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (39193), with no line terminators
Size: 158 kB (158292 bytes)
Hash: 1044c3cef197bf3574a60b7f321c86f5 be9c4ea7b19a183eec748eae25808d6e1d4b7289 c236d51685d99df1c5646a27f259badae7c284190dcff88487a6e63ff89578b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assets/sass/base/product/component-product.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYKuYHkJSOQdhns7Q7MfFmltH1Ahojs9ttgj2wWceOHWVbq3JqOagxJR%2FC4OB6lx5e1VjdXRCNr1vujwzdTWYCD%2BEPCbxR%2FywEfOyTMmG%2B3WPZDrD2K3I%2BCMMR5UbmbMTPc1rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8058b4656a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/74fe3c239d3d8e2f1f3246717a5d9566_600x.gif | 104.19.235.103 | 200 OK | 40 kB |
URL: GET HTTP/2 img.staticdj.com/74fe3c239d3d8e2f1f3246717a5d9566_600x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Cloudflare, Inc.
  Subject: sni.cloudflaressl.com
  Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
  Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: a0fad190b47649578af4a67c5bf9a810 f524c161fea8f5097cfb57795303a9c290e5de3c 798cbb05bb969909c65178eaed836dcaca0f8edb5a4d60643c0c42c985a93658
GET /74fe3c239d3d8e2f1f3246717a5d9566_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 39666
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=297688
content-disposition: inline; filename="74fe3c239d3d8e2f1f3246717a5d9566_600x.webp"
request-id: cd09b5bc-e973-4cfa-b9ab-ed1600dd3a1e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Mar 2024 16:31:02 GMT
cf-cache-status: HIT
age: 2540105
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQL6Ta4dbn%2FdGyE9CHW4L6ZGaZThCD1WfmD75KaSkI83wc2wp%2BQv3WmoS%2Fm91wlpGQ7ALo14B1tww4xhdQwIn2n3oTjBg16ZHgYHrH8fJhFyDnn76jG1aHs%2F1DKG2uKpy5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=26.000023
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076aed569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/a490a4aae32ab920c55ea29a95a3c93e_600x.jpg | 104.19.235.103 | 200 OK | 22 kB |
URL: GET HTTP/2 img.staticdj.com/a490a4aae32ab920c55ea29a95a3c93e_600x.jpg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Cloudflare, Inc.
  Subject: sni.cloudflaressl.com
  Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
  Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 85e43fa9eed31501d449149402e27c77 234edf7948507cdf44b09508900b289781e5f109 c94b828ebc167235cc6e2aa554f43970534139f2792a8cbb0b862ab435589b55
GET /a490a4aae32ab920c55ea29a95a3c93e_600x.jpg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 21920
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="a490a4aae32ab920c55ea29a95a3c93e.webp"
expires: Wed, 06 Mar 2024 21:09:36 GMT
request-id: daa19743-3de5-4531-ae5d-1c08cfcf6880
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: daa19743-3de5-4531-ae5d-1c08cfcf6880
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:36 GMT
cf-cache-status: HIT
age: 1143699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PNspHF23J8TZ2bIdHDtmdGgJTYFKbzcv1MjJaQzmTDqDK1jqq3%2BsbWzYmnx2rOyCUHTscz8PsfoL6A7%2BjWKGuiYNGfV9sH4AetBxbS%2BqBKQXW5Mq%2FInAVdSz3m1UpW3pAL8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=28.000116
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076ae7569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/da09e529a78d22acbc8323c13c5cc630_600x.png | 104.19.235.103 | 200 OK | 257 kB |
URL: GET HTTP/2 img.staticdj.com/da09e529a78d22acbc8323c13c5cc630_600x.png
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Cloudflare, Inc.
  Subject: sni.cloudflaressl.com
  Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
  Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 257 kB (256606 bytes)
Hash: b7ad50615326bfbf25dc7aaacafb5490 87e0a38db1ce414fcd2136f765b8da96afe5d949 9fd89cd7a5812ee7dac86896bd9884be484c037cb1197fcdaf7bc164ce6fd07a
GET /da09e529a78d22acbc8323c13c5cc630_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 256606
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=459851
content-disposition: inline; filename="da09e529a78d22acbc8323c13c5cc630_600x.webp"
expires: Thu, 11 Apr 2024 23:12:43 GMT
request-id: f77d0d2d-e7d4-4c11-a66e-ceae06526476
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: f77d0d2d-e7d4-4c11-a66e-ceae06526476
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 22:12:43 GMT
cf-cache-status: HIT
age: 887735
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDk94sUQFXAhDGQ5tjONbh4rlPSCHn2kEa9kxBJBAG8PrSp0b9igkoTB6tadD4lqZ75h3IaWcNZRztYjQkdG5702AyrX1w65v1LSHKqUzBglTMmrcrY05RSwfBiLu1f4wfI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8075ad6569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/lib/slick-carouse/slick.min.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 37 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/slick-carouse/slick.min.css?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: rosequake.com
  Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
  Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with CRLF line terminators
Hash: cbd721a56cee571b7894b4432b1644ff 64b55d078a6ff3ac9d916ab31017b22ad4cae4cc 051c156fd95c71e48fb3d4c69a131617be06758a4302f4d63f259ab32ced32ea
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/slick-carouse/slick.min.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N1tKbsHL6MiVllxv3HNEFGkU8DsDA2h3p6ftSo6W9eKRWDvb4kjReRfIFqIvHdS36gTmwVXghySzZ46jv5GiqznBAgBUtmN%2F2usmtgByDIZNeU1WxNYw%2BtAKVrMQSKfqojH6jA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8058b4056a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/a5313bbad0070d448d3e578dc6b0d156_600x.jpeg | 104.19.235.103 | 200 OK | 31 kB |
URL: GET HTTP/2 img.staticdj.com/a5313bbad0070d448d3e578dc6b0d156_600x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Cloudflare, Inc.
  Subject: sni.cloudflaressl.com
  Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
  Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 9d77ef9cfe6a98a61310d134ede0a24f 562cd04b240d6670be9c2a7f3b7ad67384940a08 2ae4bb88c98b7f9d1249775a98d79b5fce7bf2d4addf09297d73363187a04cb6
GET /a5313bbad0070d448d3e578dc6b0d156_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 31200
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="a5313bbad0070d448d3e578dc6b0d156.webp"
expires: Thu, 18 Apr 2024 09:33:48 GMT
request-id: 4c33e91b-5a4c-40db-b7d3-1cc6b32b504e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4c33e91b-5a4c-40db-b7d3-1cc6b32b504e
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 08:33:48 GMT
cf-cache-status: HIT
age: 550721
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tzJOaSX0%2FIrcomYjFPv4lxeSoexrGeowLHH8GDUhuusyzyvunSbp71qyHAl0GDdcBABYH%2F7ZYyZNhpgxQARvfgbYS6GSm5c9SCiHadOlLzsTB%2FrSFp4ywazsU8%2FF9%2B5CS9k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=27.999878
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076aee569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/45e7cca5d661d046ffdadf61719de7f1_600x.png | 104.19.235.103 | 200 OK | 91 kB |
URL: GET HTTP/2 img.staticdj.com/45e7cca5d661d046ffdadf61719de7f1_600x.png
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Cloudflare, Inc.
  Subject: sni.cloudflaressl.com
  Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
  Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 89d1a07d57b4a15346840cf07fb457d7 a7680bbb10f0fde0102d4a2c68c7eb8b5cfc96aa 75d2b3f1d1e690e7ce0b1b7af3d361737522a2343a8fb56f72561d996ca98621
GET /45e7cca5d661d046ffdadf61719de7f1_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 91204
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=186954
content-disposition: inline; filename="45e7cca5d661d046ffdadf61719de7f1_600x.webp"
expires: Tue, 19 Mar 2024 16:00:20 GMT
request-id: 119ae4dc-511e-4420-b9a8-9ff669b3032d
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 119ae4dc-511e-4420-b9a8-9ff669b3032d
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Mar 2024 15:00:20 GMT
cf-cache-status: HIT
age: 2540104
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ox1xz7n0XXvLrcf%2BBDWSUycTiGDwtCykyiYKweOIk%2BaZ9cz43fwWeRpca3pzfSjgwzTxbV6vzBp%2BzcfSUyN7Kr9x8uumI8I3CGkgTJaKR4rtyRtalRy480VvPloZG1FYoBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.000095
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076af3569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/assets/sass/popup/popup.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 25 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/popup/popup.css?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: rosequake.com
  Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
  Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (10522), with CRLF line terminators
Hash: 482bbe70e21e778f2c511a467d994090 5ac17271181cc9bb17adc708b7645208b11c532f ada0ffd438f67248313dce1f0f7e7c391e48d0f1089a06900892f827b721dc17
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assets/sass/popup/popup.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Sat, 28 Oct 2023 21:20:33 GMT
etag: W/"8066b995e49da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vl%2BgfMnTLFP7yvc6skdJxeA4PQ1NQqm9Gui8Mdnvrvf8amG%2FZSJtW2dq7%2FPohFfFBXdXJb5RRwsCf8sW4Qva8yxJ%2BVwfzyLBwTIoFxEnhsMRTnHrN%2FX4UI6kTxTycK%2FMVf%2F0sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8058b4856a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/fancybox/fancybox.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 35 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/fancybox/fancybox.css?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: rosequake.com
  Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
  Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (474), with CRLF line terminators
Hash: 8934fc2cc6952be05b710c87d7476178 f305054afdaf4c1df87f57a53724754cd0bc052f 1a9d522b9594ba76d8def2c0e4a6d26b6497cbce380c7ac87b51dd5548153c98
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/fancybox/fancybox.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2FPxGreyKIgvptBnlgCYwRt6ZeknR%2Fte0Qp37BuB%2F5x6b6O6AxvUJjdYXXZBRG5AkvoDeqJqZZW30P4a50n%2FXaPLdUiH2yPAZXLRao%2F%2FhvHIfeYXbcQSgiIsUmi81vEkCSzFYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8058b4d56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/theme.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 0 B |
URL: GET HTTP/3 www.rosequake.com/theme.css?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: rosequake.com
  Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
  Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:24 GMT
content-type: text/css
content-length: 0
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ljpja9%2FYFu24jMZmMfN65RXmVik5BWdW7Knwp%2ByG1vi8i3a7gi%2BabjFmML%2BIa3XgksFnq3WCYahe7DXeeQdXCbjnlT6Fqy2HqepKN8Zs2CFrUKA0CJQLGTpA4tAstFJqWevtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d8060c1e56a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/theme.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 0 B |
URL: GET HTTP/3 www.rosequake.com/theme.js?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: rosequake.com
  Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
  Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /theme.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:24 GMT
content-type: application/x-javascript
content-length: 0
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u8foyakwgfYpqDOPrGcj53%2BwaX5m%2B7jkuAtDDJO3gEIdxwKlYJthDMPiVpqV3kwkzSAB6%2Ba9xkY%2Fx6RZRJe7bBAUVl1wHv6fDKq3COuL7UJhENPgiP%2B36LWovBo%2BfsY1ePSJ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d8060c1f56a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/bb3de54fb37fda938bcc812e9deb7652_600x.jpeg | 104.19.235.103 | 200 OK | 34 kB |
URL: GET HTTP/2 img.staticdj.com/bb3de54fb37fda938bcc812e9deb7652_600x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Cloudflare, Inc.
  Subject: sni.cloudflaressl.com
  Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
  Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 374cde4a27f801ecf7e81024b92831a9 281794ccf7e3a8a7ca17005db32c1bd8cd432a16 e8201fabdd7291a3e2ae665bbca7ed0f68c1d631f5c9d9767b8a969f616bcc5b
GET /bb3de54fb37fda938bcc812e9deb7652_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 34478
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="bb3de54fb37fda938bcc812e9deb7652.webp"
expires: Wed, 06 Mar 2024 23:38:43 GMT
request-id: b68a624f-b866-4bad-8b0e-b37a05413959
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: b68a624f-b866-4bad-8b0e-b37a05413959
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:38:43 GMT
cf-cache-status: HIT
age: 550722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7fhnQ5W99vAJ0RKW%2BaHiwv2fD78dj7%2Fu3zWJTQSsYmeuUo6poRO0ZQ8WJc9j5meMZMw67cO03qFfpQflPXBHf%2FHgauVhLuUEhbhdWKUKzppmDAXX8KsollDoYkw9RTt6plc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=31.999826
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076aef569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/assets/sass/style.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 74 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/style.css?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: rosequake.com
  Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
  Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with CRLF line terminators
Hash: 9ecdc5fe4c25c939533d5613a560b7b3 c432fd1eff96051da782463f392531d7e25f8f80 1c84f82609078a0639992c996a8b7c55f2d5b75508494cfa58deee2dbef06a21
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assets/sass/style.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Wed, 27 Dec 2023 10:52:08 GMT
etag: W/"0fc93bcb238da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7514FqWS7ldCUPYq9ZEKHIQogm4WmrMFfcYA8bq5tziBUEhkzXOhf%2FGM6ROG%2B38YGOG12xfdBRtT%2FZNWfMAUvimHFzafCp4SUhZI5d%2F1%2F7qt8653m5BecObDXOrDk1tE09gJFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8056b2356a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/e4a8e7b7a3e1b362faf130557c5868ae_600x.gif | 104.19.235.103 | 200 OK | 67 kB |
URL: GET HTTP/2 img.staticdj.com/e4a8e7b7a3e1b362faf130557c5868ae_600x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Cloudflare, Inc.
  Subject: sni.cloudflaressl.com
  Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
  Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 822d70389c3ea912ba3af9d94bac9937 f4a52f67da2b210b2073b06617e230807180999f 62afefba3b77626681c2b25e87cd7411bb661fec04aa8a4d91e024954b278607
GET /e4a8e7b7a3e1b362faf130557c5868ae_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 66984
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=166102
content-disposition: inline; filename="e4a8e7b7a3e1b362faf130557c5868ae_600x.webp"
request-id: dbebcfda-d5f7-4745-80aa-5b968df514c7
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 23:14:08 GMT
cf-cache-status: HIT
age: 887736
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BbzGXSxrdpK6O1LCRlX64xwLItzjJdj5Ae0oc0PtrUx9aIY%2BIqyLX4Njgdf%2BX9G1OmFSMCCJR8tLOg3i%2BXAyjx7iNI6vewJpayfBfaw374c6TumD5YNkozxXPieSRMKQSdY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076af1569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/7dc7294d364026f639068e11fa703b18_600x.gif | 104.19.235.103 | 200 OK | 165 kB |
URL: GET HTTP/2 img.staticdj.com/7dc7294d364026f639068e11fa703b18_600x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate:
  Issuer: Cloudflare, Inc.
  Subject: sni.cloudflaressl.com
  Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
  Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 165 kB (165198 bytes)
Hash: 7dc7294d364026f639068e11fa703b18 5f594b9ed1b55a61858fc96fbc224614fed0b42d e2a7445b15a99a9ae4e87686a9f247a04d2e78da38f849fa9cec2646187549b0
GET /7dc7294d364026f639068e11fa703b18_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/gif
content-length: 165198
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: status=format_not_supported
request-id: a6c499b0-00d7-4780-b2b8-1598397d51cb
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Jan 2024 14:39:00 GMT
cf-cache-status: HIT
age: 4773979
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hXDdnUIp34%2F%2BJqieyBlWeUoQ%2BACX9zIOmyJYDqtBkJkkl99WSkrOp4DX4fWBlM94uAcpgdKEcegIAAISiDN2U%2FLrbxrnh%2FmQbOaQzhlwzv0RvSkdWLdIeuQ0rH67ZvBw%2FSo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=36.000013
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8075ad8569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/8c6a27ad6c0d760d145addd96253ebaa_600x.png | 104.19.235.103 | 200 OK | 204 kB |
URL GET HTTP/2img.staticdj.com/8c6a27ad6c0d760d145addd96253ebaa_600x.png IP104.19.235.103:443
Requested byhttps://www.rosequake.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Size204 kB (204004 bytes) Hash79466905c32ff2a6d0c347b5e9515642 aa715ae401bdbc2e5778f3edc476b6438ffdba98 d62d135e95ca264042e19e4f9b50a106879d046a403e34847a13c4911d2f3a63
GET /8c6a27ad6c0d760d145addd96253ebaa_600x.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 204004
cache-control: public, max-age=31557600, max-age=3600, public
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=375970
content-disposition: inline; filename="8c6a27ad6c0d760d145addd96253ebaa_600x.webp"
expires: Thu, 11 Apr 2024 23:25:02 GMT
request-id: 9b4c627f-8025-435f-a73f-81a840b575bd
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 9b4c627f-8025-435f-a73f-81a840b575bd
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 22:25:02 GMT
cf-cache-status: HIT
age: 887734
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yApM8QMiPWzI9MpIv%2Bnb3N6fx8Grq8SjWHFqHKEjahr%2B4SQeVCu8zmgyjJJVT1hFpz2QiRcbJ1yEYQYvQCu72wI6EakmPvOuLPSA9toQxflZ5KJAoSs3Q3yEeNmTG3u%2B%2BN0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=26.999950
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8075adc569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/83044eeea07045d893abc99643a74f88_600x.gif | 104.19.235.103 | 200 OK | 163 kB |
URL GET HTTP/2img.staticdj.com/83044eeea07045d893abc99643a74f88_600x.gif IP104.19.235.103:443
Requested byhttps://www.rosequake.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Size163 kB (162852 bytes) Hash83044eeea07045d893abc99643a74f88 fec1a9e1c4cd5099082aeab137b5197134bb1a05 8f9054814ffaaa62d81e5b5b753f8c4f9865caec4abf2f4885d064d9e6a4ee3e
GET /83044eeea07045d893abc99643a74f88_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/gif
content-length: 162852
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: status=format_not_supported
request-id: bd8a0901-e1a5-443a-9b2a-fe883e19e11a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Jan 2024 13:20:41 GMT
cf-cache-status: HIT
age: 4773979
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxBAi%2Bd55t4hgKPB%2Bp1RMwHryVcJqF3SwA6PI3vLJHp7vnkVKnaCp0dsGqbP1xGvI%2BPcIbHKf1nRSg4hw4KdlZVDEacenpNuQxjR2skprwt929E7rmIH8NIJ%2FknlnRFBj1k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=39.000034
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8075add569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/99cd1036993157257e24ef187691b54b_600x.gif | 104.19.235.103 | 200 OK | 134 kB |
URL GET HTTP/2img.staticdj.com/99cd1036993157257e24ef187691b54b_600x.gif IP104.19.235.103:443
Requested byhttps://www.rosequake.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Size134 kB (134222 bytes) Hash2010a39646af76e3c478afa4e84d6aec 8f3628babd03ad9efa20a3f63945a26e37f4ac32 cca8f7d3fe8b4431ff1603a7e306f128d9c0d82b8a066b65a6f0cb3d14d6b010
GET /99cd1036993157257e24ef187691b54b_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 134222
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=333710
content-disposition: inline; filename="99cd1036993157257e24ef187691b54b_600x.webp"
request-id: da2ed250-afa9-4a7e-8047-2f35a3fd843a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:36:30 GMT
cf-cache-status: HIT
age: 525557
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2wr08O5G6fgbq7T26vXxIi6gb%2F7L%2BuPvG7mmFgnVlEpzbGvDJVg51VTAbAZ66MSTva020BdyzdlHZ9qg6%2BIZBZqd2%2FtKPFGaiLbIitPeJ2eYiGM%2Fcs7mXxP%2BwANBIqwzIo4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=30.000210
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076ae9569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/0bdfb387111342c9f79a5ed0a000e259_600x.gif | 104.19.235.103 | 200 OK | 112 kB |
URL GET HTTP/2img.staticdj.com/0bdfb387111342c9f79a5ed0a000e259_600x.gif IP104.19.235.103:443
Requested byhttps://www.rosequake.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 ValiditySat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Size112 kB (112056 bytes) Hash8e61e01c5c384a45493c35b8b67f25db ba74d4f3df6bb2c7f2d99bb5c4d3867f62588ea2 19be3c58378444aefd764cf358a68d5b91291c46a4e98f1bb1d04bc8d6a8f25e
GET /0bdfb387111342c9f79a5ed0a000e259_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 112056
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=155876
content-disposition: inline; filename="0bdfb387111342c9f79a5ed0a000e259_600x.webp"
request-id: 549646a7-189d-4877-9b90-150cfb5bf043
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Jan 2024 08:06:01 GMT
cf-cache-status: HIT
age: 4773978
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7DiPe3LTB8G6rMYFQpQSj5T7yopRv5AZMVxkGLXmGcxe2%2By8cVyXXWu4NasXMEygxul4kPORFvjT8%2BJxdkczdQu3ezPfjzRpIGiyjrZ%2B6sDGYIYVn%2B7T9e3047yS9xCVGyk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076adf569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/images/loading4.gif | 188.114.97.1 | 200 OK | 6.6 kB |
URL GET HTTP/3www.rosequake.com/images/loading4.gif IP188.114.97.1:443
Requested byhttps://www.rosequake.com/ CertificateIssuerGoogle Trust Services LLC Subjectrosequake.com Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File typeGIF image data, version 89a, 60 x 60 Hashee3e67267342c680d45aa26e7a766e0a 456c0413f2d2d7b41218ecc02207c05c31ab4737 ddaf92bbcc4785ceb3b77454898fae6603a82a75ff1b646dd8c387e9bbeb9922
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/loading4.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:24 GMT
content-type: image/gif
content-length: 6581
last-modified: Wed, 13 May 2015 02:06:07 GMT
etag: "7c219c5f218dd01:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3GSzf%2F96bKgGg6KmssUEPEKBBbEsFdxKaXeACKTIUjz9E5ZFQl1HFMlxglAdVhts0pKAj2ZaCF03zzjc9kF%2BcMgc1zacjmlHD1%2Bwg%2Bjh90Y08zCzzffJwbB4WpgWWPQ45GdhDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d80c9b0c56a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 133 kB |
URL GET HTTP/3www.rosequake.com/static/lib/fancybox/fancybox.umd.js?v=cac22025232-20240425 IP188.114.97.1:443
Requested byhttps://www.rosequake.com/ CertificateIssuerGoogle Trust Services LLC Subjectrosequake.com Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File typeJavaScript source, ASCII text, with very long lines (65501), with CRLF line terminators Size133 kB (132588 bytes) Hashb01da78c5d4905c9961b0f6edfa28c3f e51d3d15baa13e0cda9b2e6637925c74c8655a4c 691ffb9a7ea68f1b92aa89bfd4392bfe7de445a153c28ef4268aa192215d3ef7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/lib/fancybox/fancybox.umd.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:46 GMT
etag: W/"0dff0326db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ddsZQm9fzzjM7X8yqazbKO6JVSYdRbDyDwHgId2TZ7jwgv6t3AcSdjvBlOPLDfaat40UKmjEqMZkQTnmbrNxi1LOiTxYev5KNZUX9TBlN5rV5LDX%2FgT0b0QaE1R0rpSoVPFmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8059b6756a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/bg.png | 188.114.97.1 | 200 OK | 90 kB |
URL GET HTTP/3www.rosequake.com/images/bg.png IP188.114.97.1:443
Requested byhttps://www.rosequake.com/ CertificateIssuerGoogle Trust Services LLC Subjectrosequake.com Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File typePNG image data, 750 x 900, 8-bit/color RGBA, non-interlaced Hashccf77e016e248189f1010ef460854b41 ba7980d6188a7581acc6e8e38c7bb3d3377af87b 58eab8be48f2cdd0eff40a5c8834dee3df3295020cc35104611ea2d0346357f9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/bg.png HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240425
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: image/png
content-length: 89690
last-modified: Mon, 16 Oct 2023 18:33:27 GMT
etag: "82b653415f0da1:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RM88b%2BImtHLYwnDmx3fz%2FJBCmpxYX2CJChLnHYTvf70RjZk2wKfx%2FgKpgw%2BVUj3LofJMtrRiF7Vj3ZCeZ4a8WTN825edLE1Qu2fNMSoGaOfqidFlngcCaR4WfL57Ar%2FpqiNFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d80e4cfd56a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| we.chatsoftly.com/js/im_load.js | 104.21.92.129 | 200 OK | 74 kB |
URL GET HTTP/2we.chatsoftly.com/js/im_load.js IP104.21.92.129:443
Requested byhttps://www.rosequake.com/ CertificateIssuerLet's Encrypt Subjectchatsoftly.com FingerprintB5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5 ValidityWed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
File typeJavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hashcc1080d492f422ebfdcc091aa525580d 249685a9d4bec1dd1c3f7761254ef9d23265fad4 9c4416858603f97c66642e57c2a727280558f897be9cd9e52bee4e631ad48671
GET /js/im_load.js HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:24 GMT
content-type: application/javascript
last-modified: Wed, 13 Sep 2023 15:41:56 GMT
etag: W/"07a42d358e6d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvR379ak0M2XDod2yJdo1R%2BIlm1Wtt53RNwdxO6emI1ZNlXqhf716HX34Yg1VrB8dw0%2BKzOoZihGsEeSIlMIXTMNzhhjwyc8rqpDBNrZxNJRbju5WKDe9MZLwBQ0HecyVlcogw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d80d9ca6b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/assets/js/theme.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 164 kB |
URL GET HTTP/3www.rosequake.com/static/assets/js/theme.js?v=cac22025232-20240425 IP188.114.97.1:443
Requested byhttps://www.rosequake.com/ CertificateIssuerGoogle Trust Services LLC Subjectrosequake.com Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Size164 kB (163501 bytes) Hashc5469e9f0e448739e77e540bd0f1d8f5 8527e3f640254d4b9c23d5cc4f9cb205298eec58 dbabd00d3fa2893d1bef0085bc67ddb5624e3cfd72064d07f4b67bd63a011ba0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/assets/js/theme.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:24 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2024 22:04:51 GMT
etag: W/"80c34d25496fda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CGvUKCYuZb9MNrXfgl8zDbrYfW1RvsPQJSRxCH%2FmhzPBcpJvZJFB5xwUYjZpOcIotRrg8v7mabxd9hezwJlD5z6%2BEU0oMp5HS14ViG9zOLDM6VjH6%2BD06Eotlm7WUf37mG%2BM3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d80c9b1656a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.97.1 | 200 OK | 54 kB |
URL User Request GET HTTP/2IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectrosequake.com Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (712), with CRLF, LF line terminators Hashe11a650dba45a0cd5e46e50331e4f99c 94187c386000a3a5461391d4f8ea8c3ceb7d394e c6134f4f69c1fc9701c1e97bc0fd5c54a3a655f500403abcbc4b9349ee96fdd3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pFv1DkQylLJCLcgxJIJSjA1EqYMUaZ2XyJ%2B99vsvSKiswZ%2FQZXJKAvzuTBP8%2FIeJhB0Hu1Oc%2FFMJI2kp5Nh%2F%2B2reyhWQmV7V0GME4hqh%2B4h0oZZEymLC%2F9Q9bvc%2Bb%2BR0FGztmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d7f5981bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/css/iconfont/iconfont.woff2?t=1657020896111 | 188.114.97.1 | 200 OK | 38 kB |
URL GET HTTP/3www.rosequake.com/css/iconfont/iconfont.woff2?t=1657020896111 IP188.114.97.1:443
Requested byhttps://www.rosequake.com/ CertificateIssuerGoogle Trust Services LLC Subjectrosequake.com Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 37788, version 1.0 Hashfda53bb64e7c76c9fd7a3feece87baf9 85ea2d508fa5da02d79f393b5779d61e1f3e0d46 868fa7e9273b2874aaa642ace965973f6ec2fba27d5da30211d42f299e54ea74
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/iconfont/iconfont.woff2?t=1657020896111 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240425
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: application/font-woff2
content-length: 37788
last-modified: Sun, 31 Jul 2022 07:35:49 GMT
etag: "80b86b27b0a4d81:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nEwycfhZxgf6daulRHgRpYCTfciHl09q%2Fs%2BdtpR8vJBWOEDVHtnaHzRnvBniebizMcYbXMgE3O03uHOlTllYfPVHFZ5R6G5IDjI0BpIQiO9DxEaWLZFuuVgm6L0w4p4G9oaHww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d80f2db356a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/js/layer.mobile/need/layer.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 9.3 kB |
URL GET HTTP/3www.rosequake.com/js/layer.mobile/need/layer.css?v=cac22025232-20240425 IP188.114.97.1:443
Requested byhttps://www.rosequake.com/ CertificateIssuerGoogle Trust Services LLC Subjectrosequake.com Fingerprint9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B ValidityThu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File typeASCII text, with very long lines (5260), with no line terminators Hash633915e62d14a714594b95b974ee0836 e11ebb64a70272c4f35b92fea064f27c4b87efad eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/layer.mobile/need/layer.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Fri, 26 Aug 2016 09:35:36 GMT
etag: W/"024e0327dffd11:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATTMiJoUNrVGH8eFiM9lVDF%2Bcf6ru4BqIJax5OkSInaN2VhUHY%2BE8sH1zTdjD9JAvuePDlY0V0spyXBPycYzSyT9ALdrhoEd9mzJbzIDI%2BIrDPCmJEN%2FH%2Fwx0M5%2BsuoZfFXY9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d805cbca56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL GET HTTP/2fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 IP216.58.207.227:443
Requested byhttps://www.rosequake.com/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7884, version 1.0 Hash9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 03:21:03 GMT
expires: Wed, 23 Apr 2025 03:21:03 GMT
cache-control: public, max-age=31536000
age: 137602
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| global.akating.com/files/Country_list.js | 172.67.165.29 | 200 OK | 17 kB |
URL GET HTTP/2global.akating.com/files/Country_list.js IP172.67.165.29:443
Requested byhttps://www.rosequake.com/ CertificateIssuerGoogle Trust Services LLC Subjectakating.com FingerprintA8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62 ValidityFri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File typeASCII text, with very long lines (55293), with no line terminators Hash3dd00c1468c48f40ac11cf9715d34831 98691de8e84697877dfdbf2f9e87149621c64656 0512d7cec7a4d88356a2b50d5254c7884ad61cd7f343c8add98a4c8a4ca77eb2
GET /files/Country_list.js HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 20:39:55 GMT
etag: W/"805f5eb3b22da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5KJ8wPXyGHKXUV9J2e6YwFwwUDD3vrB4ezoeBMJTjMq80%2BI49pYhcphyTf3yQZadxWrxUumqlW60LG56I2YwnY17fiksIhe0j7H%2BXtaR3EuV9s7ewib297MVHOITZasNqcakbP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d807392ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.8 kB |
URL GET HTTP/2fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP216.58.207.227:443
Requested byhttps://www.rosequake.com/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7816, version 1.0 Hash25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 16:23:47 GMT
expires: Tue, 22 Apr 2025 16:23:47 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 177038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.7 kB |
URL GET HTTP/2fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 IP216.58.207.227:443
Requested byhttps://www.rosequake.com/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7748, version 1.0 Hasha09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 03:25:26 GMT
expires: Wed, 23 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 137339
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 9.2 kB |
URL: GET HTTP/3 www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac22025232-20240425 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (15422) | Hash: b82ec717898908396b42e0c1a61913aa fc446948bfed0cb2907aed714f9a4babf4a246aa f6414e82ba7213ea861cdc0c5bff7b72a82a5e1fd484ee456dc6d4f8e4e0d795
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/jquery-ui-1.13.1.custom/jquery-ui.min.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:24 GMT
content-type: text/css
last-modified: Tue, 05 Apr 2022 13:25:12 GMT
etag: W/"0ec294f048d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CWBC3QPcjmpJ0RCPpwyq9I4KEacK%2BNcBUoiNYIcQfYNgch06nIYRuAD%2BuUaLGW%2BmgQ%2BJDUV8Y6ov3YvabqSDhoBH6tE6ZOQbLuPoSvtWuPTWAPvbP8%2BorMS%2BDCZ5yqYOsDwig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d80cab1b56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/jquery/jquery.min.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 40 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/jquery/jquery.min.js?v=cac22025232-20240425 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators | Hash: 3e4bb227fb55271bfe9c9d4a09147bd8 156837f75f6600ccb602b4efcbd393636c33f35e ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/lib/jquery/jquery.min.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:42 GMT
etag: W/"0858e306db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HEA9NwjciVsAxhEcnoumj5cqzUFYqCUvnikD9kgplgpFCZE01XzaVAPuGeqpp6pcOKeAimzX8JACkTI9osLye2K%2FCOweiMskYJnNWQWIskUoKJ%2FPoZbriq9YGLcpuAHe5sIXIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8058b5e56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| web.cbdcdn.com/file/2024/03/10/6af5f59f3be2493b978f6183f82438ab.jpg | 104.21.15.17 | 200 OK | 349 kB |
URL: GET HTTP/2 web.cbdcdn.com/file/2024/03/10/6af5f59f3be2493b978f6183f82438ab.jpg | IP: 104.21.15.17:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Let's Encrypt | Subject: cbdcdn.com | Fingerprint: BF:02:F6:35:4B:B4:AA:9C:11:18:17:94:E4:5F:36:DE:60:E1:F5:D0 | Validity: Sat, 06 Apr 2024 06:43:03 GMT - Fri, 05 Jul 2024 06:43:02 GMT
File type: JPEG image data, progressive, precision 8, 1920x667, components 3 | Size: 349 kB (348684 bytes) | Hash: b5bf33f28c5fa82e80a08995f1c53d71 6d153ffd7cb82c18d4a6494295bf0276ff67d6f5 3b35651386715db3ce846c2af57dbc88e9861691886944711b31bbe8e9880766
GET /file/2024/03/10/6af5f59f3be2493b978f6183f82438ab.jpg HTTP/1.1
Host: web.cbdcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: image/jpeg
content-length: 348684
x-oss-request-id: 65FE1F60F1151CBBDD422DC0
etag: "B5BF33F28C5FA82E80A08995F1C53D71"
last-modified: Sun, 10 Mar 2024 12:39:54 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2898822139854134682
x-oss-storage-class: Standard
content-md5: tb8z8oxfqC6AoImV8cU9cQ==
x-oss-server-time: 233
cache-control: max-age=14400
cf-cache-status: HIT
age: 2108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mPzAu8pZ6uwKcLeaKyrTcEUej2VvY%2FnAuCL80AbGIqorlbmFKUvJ%2FQ8L8d8Xx5qdoq5%2F4SUJDi7k9XaQd3O4Vt89B3%2FDfnZbaagIZwNoktx5bZtlMHoMHQIIrV6qUnPjuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d810ef4c569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.shopify.com/videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4 | 23.227.60.200 | 206 Partial Content | 3.2 MB |
URL: GET HTTP/2 cdn.shopify.com/videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4 | IP: 23.227.60.200:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Let's Encrypt | Subject: cdn.shopify.com | Fingerprint: 34:CE:56:3A:83:8F:D8:06:E6:52:5C:6D:DE:D5:CD:92:EE:F0:79:DF | Validity: Tue, 05 Mar 2024 12:27:42 GMT - Mon, 03 Jun 2024 12:27:41 GMT
File type: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003] | Size: 3.2 MB (3205331 bytes) | Hash: fd5e187806b02991081a2c8489f00301 b645a0b0b6e16013fbb595ce978300c38c57da22 115e483747fd69f0c0258846c9ec198896819a2853d5367a789b00de108a60de
GET /videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: video/mp4
content-length: 3205331
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Access-Control-Allow-Origin
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/videos/c/vp/5c4e8ab37b8f49b5823ee2567a37a3e0/5c4e8ab37b8f49b5823ee2567a37a3e0.HD-1080p-4.8Mbps-19618712.mp4>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 281143b7-4155-48b6-b2bf-cd9d30ba97d1-1709760439
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Wed, 06 Mar 2024 21:27:19 GMT
cf-cache-status: HIT
age: 1876074
content-range: bytes 0-3205330/3205331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVP7EL93BwUKBSMNauPMv11U9%2FOnIv9msjoaDpi0U0txhVTZ6ZAw523OAYY0A84rwPD7MhnMRf79DlJJQl%2FlAYHMbUSnoaZk%2BI5ZQv5cb%2BgLZHYCw6b4BxMJSkXZm54F2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=145.663, imageryFetch;dur=145.133, cfRequestDuration;dur=15.000105
server: cloudflare
cf-ray: 8797d810cc1456a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 188.114.97.1 | 302 Found | 0 B |
URL: GET HTTP/3 www.rosequake.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 24 Apr 2024 17:34:25 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpWI4riNBbzuNqnD%2BD9yfLkcMbQ2DRBIwpkVOXeck8CzVQKFvRcmiDXssxy5oYcUcTkMFbvUTP%2Fi30LUlrMhEX2OYufdWgzwuUSFoT2ebc6p3B%2Fcu6%2B4jo1oxpiZ%2B4fXe7aTCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d8132b1156a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/3767a66f878a8bb251fec712221a2809.png | 104.19.235.103 | 200 OK | 80 kB |
URL: GET HTTP/3 img.staticdj.com/3767a66f878a8bb251fec712221a2809.png | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 3c450f4f2e8970abb3da014e75c849b4 5778751906436229db18ac23694ee0269b2e9934 e534cf17aecbc3189015e7a225aa82c83be16b57036dc09ece578147ed1b9705
GET /3767a66f878a8bb251fec712221a2809.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: image/webp
content-length: 80406
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=128110
content-disposition: inline; filename="3767a66f878a8bb251fec712221a2809.webp"
request-id: 0763fafa-6c70-4e57-b825-e1dd52692035
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Feb 2024 17:08:26 GMT
cf-cache-status: HIT
age: 4773980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=id1hWons3AEqX9J3egG8okgnWwb5Ja9o6pMkEasqhye2V0w7LL%2FeawuId%2BbShMtQXRbYKiTZFVeI9tvoapH8trBm9K5tGOxGc1O5gQ%2BiLIOrCwoQayMJ1hRq7gQX2dzJiZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d813ed981c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/ajax/index.aspx?action=UserInfo | 188.114.97.1 | 200 OK | 15 B |
URL: GET HTTP/3 www.rosequake.com/ajax/index.aspx?action=UserInfo | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: 00d746e4b7a743d7815f126764dbf5c0 46247b4f29333cdfdf067dc2c5d449fffab7f77c 786a593906565372853a05afa202cc6228dd70e479befba3096965a06682529a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ajax/index.aspx?action=UserInfo HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064; _ga_B1QS3P765Z=GS1.1.1713980065.1.0.1713980065.0.0.0; _ga=GA1.1.1956862707.1713980066
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: application/json; charset=utf-8
content-length: 15
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y5KMRINai1SrEfDDCdBJvPwNWZBf6isJDpTJHpo9xq8uitHheRlmGzs%2Bc250230LSP4KaaZsR3jcsbuLIDS7P2OgKI2hpcMMa6YYIOus8uDUfbTxp44uKQQboAcMwTVaFIHdQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d813bbe056a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/b87aac99bbd03a02888546a08d17b466.png | 104.19.235.103 | 200 OK | 69 kB |
URL: GET HTTP/3 img.staticdj.com/b87aac99bbd03a02888546a08d17b466.png | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 59bdb4af411d24221dce1bbf4ca6f3c1 f6fdb8d63aa229a804cb2fe6a4854fa65ea445a3 5a495e6dde820a0f44a974b9986ecdf51626af58b151bd876f76734b63dd933d
GET /b87aac99bbd03a02888546a08d17b466.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: image/webp
content-length: 69166
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=117635
content-disposition: inline; filename="b87aac99bbd03a02888546a08d17b466.webp"
request-id: cfdf9f0a-909e-4f03-9d79-18ad9fc94ff2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Feb 2024 07:18:12 GMT
cf-cache-status: HIT
age: 4773981
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xYrBfRMPWJy36JRXmna3R%2Bm11TKFqyoN3bAWb46NhNoIhT%2BPdatfku00EBX6tKnrSUIj8bxWcwJ8GValp4BOPGvfBtk%2FBi2E74yBK26sPD0YwfnMjtdHT07AAFzUxDEw4bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=21.999836
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d813fda21c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/c80e7270b6c98dd3e322f70f9a74991e.png | 104.19.235.103 | 200 OK | 49 kB |
URL: GET HTTP/3 img.staticdj.com/c80e7270b6c98dd3e322f70f9a74991e.png | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: e27f5f615b5930b51a047d2b0d592000 95c81f53184a61065aece44baaed693a161c39ad 9e45ed2d61fb56cd6e8f178566a794554355408531319f566b78e86fc93d213d
GET /c80e7270b6c98dd3e322f70f9a74991e.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: image/webp
content-length: 48948
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=83317
content-disposition: inline; filename="c80e7270b6c98dd3e322f70f9a74991e.webp"
request-id: 12589264-0535-4c27-8114-f9699de3d2f2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Mar 2024 20:29:12 GMT
cf-cache-status: HIT
age: 2540106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GIVOfUdJzFp%2F%2FYCBXLgpDEkbYIx27kLydnyPGP8Ctp%2Bjc%2FDRmRkWeatH3xXitIB6iAJUqG%2BSLth2bQLmLIEYIEc3jc26jZ29vlNf2U6Es9Y7j3atw4ZuK2mbtD%2FE4xxYm9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.000095
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d813fdac1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/2374bf3561a464876edb3bc32113e8c2.png | 104.19.235.103 | 200 OK | 105 kB |
URL: GET HTTP/3 img.staticdj.com/2374bf3561a464876edb3bc32113e8c2.png | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Size: 105 kB (105384 bytes) | Hash: b8a9a8b11cfa4355c2bd061448263df7 f6973877a03918c6370afba48675782b124a35b2 27f93e215aaf90d8d6a44707b508dd79356b3f291d7ec1b0a11799a9f2c2c650
GET /2374bf3561a464876edb3bc32113e8c2.png HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: image/webp
content-length: 105384
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=135462
content-disposition: inline; filename="2374bf3561a464876edb3bc32113e8c2.webp"
request-id: e60920f5-bb2f-42bb-b2cb-bddb5ba7c591
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:37 GMT
cf-cache-status: HIT
age: 3398662
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=muwFBvUjmR89HX9VZWFuWC1DU3ZXUmpNthMr1E1YNPunm5%2BXAcgK6Nlk5qtvwyB%2F%2B%2BPDNx9NEy6%2Bk3HqIWyiP6x3B80SahGel4O4QHLJHHMLA75gjZEi3IOTvSCCifpgQgE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=26.999950
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8140db41c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/cdn-cgi/challenge-platform/h/b/jsd/r/8797d7f5981bb515 | 188.114.97.1 | 200 OK | 0 B |
URL: POST HTTP/3 www.rosequake.com/cdn-cgi/challenge-platform/h/b/jsd/r/8797d7f5981bb515 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/jsd/r/8797d7f5981bb515 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12150
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064; _ga_B1QS3P765Z=GS1.1.1713980065.1.0.1713980065.0.0.0; _ga=GA1.1.1956862707.1713980066
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=ud4b0tQM_RPRYCBzel8WrYCy3OCdM2MqVtBAgN7TT9c-1713980066-1.0.1.1-OnuGn2oEFweWO2770CCul0RU4shkIZV_VsW5NlbBGmUgXc5lUkyUmQhMH8G0U5DrALg0DTz2P71A0OF7GMURzw; path=/; expires=Thu, 24-Apr-25 17:34:26 GMT; domain=.rosequake.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UdV0hbyIaes%2FlgEllnqme59ZgvH32DFbloZmBqW%2Bv1pI%2BDsOn6qeQ9ks3om8XT9qVzQL9k7Cw9sSN%2Bo2eDrG%2FHFr8mAh9maOWw3W6JlLYHbudhqYMNEK4DrTVy3nEBvjJ7bLhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d81818ed56a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/45a2c95a69cd27a85ef342bf2daa3c00_100x.gif | 104.19.235.103 | 200 OK | 24 kB |
URL: GET HTTP/3 img.staticdj.com/45a2c95a69cd27a85ef342bf2daa3c00_100x.gif | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: b015fe5843ec4ee5498184ac437d459f 0c4639d22722561f1d9497c59dc566045a8cdb11 a4a6cde65a86e5f12012f31a1e64b958244fc90395346fd43701a4385cfba28a
GET /45a2c95a69cd27a85ef342bf2daa3c00_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 24518
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=26770
content-disposition: inline; filename="45a2c95a69cd27a85ef342bf2daa3c00_100x.webp"
request-id: 162a42e8-c479-4617-a490-bf2e2c869789
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 12:51:34 GMT
cf-cache-status: HIT
age: 1143700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AI7NdqWVyS9bUlKwieI8RXLDpxNTCIrbAq2qWBtzO01A4MDULeIXpznP3cv0pYSENbCJwukaSVmFQYqHb6drUtk2uxxuKKpxyhwUUDEdYLkREGYJOgluHr3UmTokoYi0XAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8189a381c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.fantaskycdn.com/827b999bb490bb551615f723ad42c609.png | 104.18.21.211 | 200 OK | 48 kB |
URL: GET HTTP/2 img.fantaskycdn.com/827b999bb490bb551615f723ad42c609.png | IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Google Trust Services LLC | Subject: fantaskycdn.com | Fingerprint: 28:2C:B4:60:08:32:85:B2:44:72:D4:B2:9F:55:62:DD:46:3C:5B:0F | Validity: Mon, 26 Feb 2024 11:44:05 GMT - Sun, 26 May 2024 11:44:04 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: a77a437fff004d66111aa4e5d3ec78bf 6c78397103079d3cc58c5097b6a3ad1cb349f9e1 22d17248e9743be6da4f957f531503df1a875eb8091019718bcfd773099a8876
GET /827b999bb490bb551615f723ad42c609.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 48354
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=86396
content-disposition: inline; filename="827b999bb490bb551615f723ad42c609.webp"
request-id: 07a7dbd1-0805-4995-beed-13db4da529c0
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Apr 2024 22:54:57 GMT
cf-cache-status: HIT
age: 1143699
expires: Thu, 24 Apr 2025 23:34:26 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d818a9837131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/e33588be6cde09c48fb6e061a2688ebb_100x.gif | 104.19.235.103 | 200 OK | 3.8 kB |
URL: GET HTTP/3 img.staticdj.com/e33588be6cde09c48fb6e061a2688ebb_100x.gif | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 2f02bb779ddb9bdb398e0fefdd465349 ba99cb7cb9caca4daac8c9da27a6a58a612cf742 fae85899b8b333f33bb0e5a15aea0948f15c27b4a2f8fdd53762ef3b037ff1a2
GET /e33588be6cde09c48fb6e061a2688ebb_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 3810
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=6119
content-disposition: inline; filename="e33588be6cde09c48fb6e061a2688ebb_100x.webp"
request-id: 27a6a0a7-3e31-4fb6-91b7-b2d73c05f98b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Apr 2024 22:51:43 GMT
cf-cache-status: HIT
age: 525552
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5nITI9idYtMVQPoBr6o2sqOrd9HZW4QvFdNWG%2F717UTojwsBKXMx1yaRfybMqjEbvUv8kB6Jpt%2F11tDmgjybzyLFJhHTeHGEIODTj4xqAXo8Oeg6w4u2GHXEoyiDL%2BCQiRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8188a2a1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/favicon_RoseQuake/favicon.ico | 188.114.97.1 | 200 OK | 50 kB |
URL: GET HTTP/3 www.rosequake.com/images/favicon_RoseQuake/favicon.ico | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | Hash: f033c0b4ab01e492fb3fadb6ca951f06 33e214cc88ca96bb5ab7e5bab69ff93f0f67aa43 26b0ccd197318f6eafe8f4edb28a004830152274194774fe6821c6c3abdb38b3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/favicon_RoseQuake/favicon.ico HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064; _ga_B1QS3P765Z=GS1.1.1713980065.1.0.1713980065.0.0.0; _ga=GA1.1.1956862707.1713980066
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: image/x-icon
last-modified: Tue, 03 Oct 2023 09:59:06 GMT
etag: W/"091d83ee0f5d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G1fGs1cDtRrFjOs5JkX0f2fVungNvfi2FnJ0AxYXQfiKNqiUkxX3Q267atTL59rYtO1WI%2FFXepCoThlMCLQRcTBLo4q9wBFm6cWEkNqo8X1ToncXrvtArp2ovxx8rPQnilw6QA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d8138bad56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/ajax/user_view_history.aspx?r=0.5791473397938113 | 188.114.97.1 | 200 OK | 36 kB |
URL: GET HTTP/3 www.rosequake.com/ajax/user_view_history.aspx?r=0.5791473397938113 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: a534a0ad2293f08580ea55206a7658f4 a76b0af8e2c603f7598c4ddd7029d91ef95ed94f 35ebeae4548c6d2023e8c71e0ca9ebac705b5e9faad5cc90317515a1680911c2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ajax/user_view_history.aspx?r=0.5791473397938113 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064; _ga_B1QS3P765Z=GS1.1.1713980065.1.0.1713980065.0.0.0; _ga=GA1.1.1956862707.1713980066
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: text/html
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsU8FAGxLCPeBDtxRMVUugOlzh9vSc4JHskTYffWO0og1%2Fo9S1ESQG4Z6TxTIFT8AscvY37sx%2FNgwsN0t2rnbfaSnFqZtieR0i8FCYBJkgfVgdJX7pp%2FPZm1VXwblTGXLeXDXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8140c5956a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.fantaskycdn.com/320c89a9b737fb5846663b47a6adb4e4_600x.png | 104.18.21.211 | 200 OK | 230 kB |
URL: GET HTTP/2 img.fantaskycdn.com/320c89a9b737fb5846663b47a6adb4e4_600x.png
IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: fantaskycdn.com
Certificate fingerprint: 28:2C:B4:60:08:32:85:B2:44:72:D4:B2:9F:55:62:DD:46:3C:5B:0F
Certificate validity: Mon, 26 Feb 2024 11:44:05 GMT - Sun, 26 May 2024 11:44:04 GMT
File type: RIFF (little-endian) data, Web/P image
Size: 230 kB (229610 bytes)
Hash: 82d3cd9af783dc2a08b87f5069922b8b 9b3c3cefc8677a2254ac01e1751256888ec15275 dce44ec6dd6e2783bcf642d98f0c07d23c4f5ce7ef4a31de1f7216e90625e4b1
GET /320c89a9b737fb5846663b47a6adb4e4_600x.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 229610
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=537694
content-disposition: inline; filename="320c89a9b737fb5846663b47a6adb4e4_600x.webp"
expires: Thu, 24 Apr 2025 23:34:26 GMT
request-id: 3d381144-fe18-4443-8312-1e27d1060c06
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 3d381144-fe18-4443-8312-1e27d1060c06
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 11:54:05 GMT
cf-cache-status: HIT
age: 525552
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d818b9a17131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/bd2be3f97a8263d0c341798c28f90346_100x.gif | 104.19.235.103 | 200 OK | 3.5 kB |
URL: GET HTTP/3 img.staticdj.com/bd2be3f97a8263d0c341798c28f90346_100x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: a54fff23d8193dcb16a5de6ecb236bf2 3eafc61d33c7ad871e5ef7ef10a9a9b69357e250 2b1217d010a990cb46e54c2fb7a92f872332a08b06aa807a2f69992d860580b5
GET /bd2be3f97a8263d0c341798c28f90346_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 3460
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=6844
content-disposition: inline; filename="bd2be3f97a8263d0c341798c28f90346_100x.webp"
request-id: 99328114-fabd-487a-93a0-19541baab3f3
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Apr 2024 11:35:33 GMT
cf-cache-status: HIT
age: 441530
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bU9TuX7biOGiphUW2zpkX%2FhN5wL8dt%2BCilkKVQA6YQvqTSrhXeDKXei%2FjY%2FTCEWCIP8%2BH%2B0Yi5WZfFo39jl59VTd9NGJF1JFbmp4GHUPtUhB%2FYdoM9SHkh9K%2B5wtUa9gHrg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=14.000177
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d819eb591c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.fantaskycdn.com/d7d3c1935ec493796e9ea29c1c72fa35.png | 104.18.21.211 | 200 OK | 36 kB |
URL: GET HTTP/3 img.fantaskycdn.com/d7d3c1935ec493796e9ea29c1c72fa35.png
IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: fantaskycdn.com
Certificate fingerprint: 28:2C:B4:60:08:32:85:B2:44:72:D4:B2:9F:55:62:DD:46:3C:5B:0F
Certificate validity: Mon, 26 Feb 2024 11:44:05 GMT - Sun, 26 May 2024 11:44:04 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 15fba0b1d6e41d214d7ab9031a2516a1 260d5b5e284d6e69f2b774c298d7a9eb6044fa3a 67722342495e164a8f4eeb967474d8f1a56e21b5aa2012af6d9a7ee904bf8a42
GET /d7d3c1935ec493796e9ea29c1c72fa35.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 36064
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=78274
content-disposition: inline; filename="d7d3c1935ec493796e9ea29c1c72fa35.webp"
request-id: a2280487-077a-43e8-b5d7-f5471b674033
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 21:36:52 GMT
cf-cache-status: HIT
age: 441530
expires: Thu, 24 Apr 2025 23:34:26 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d819ecbb56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.fantaskycdn.com/13ed9a20da4686310481089ced22245c_600x.JPG | 104.18.21.211 | 200 OK | 98 kB |
URL: GET HTTP/3 img.fantaskycdn.com/13ed9a20da4686310481089ced22245c_600x.JPG
IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: fantaskycdn.com
Certificate fingerprint: 28:2C:B4:60:08:32:85:B2:44:72:D4:B2:9F:55:62:DD:46:3C:5B:0F
Certificate validity: Mon, 26 Feb 2024 11:44:05 GMT - Sun, 26 May 2024 11:44:04 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 600x1059, components 3
Hash: b9ad1f4b7fb9840363a9b893856d6a28 aa28392d4f8c3dfa7fa459ea34152c0d53f05dcd d8e9545e688f68cca472e98e8b61042f122feb10e4b4900e1a4f5f357048ae41
GET /13ed9a20da4686310481089ced22245c_600x.JPG HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/jpeg
content-length: 98074
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=98176
content-disposition: inline; filename="13ed9a20da4686310481089ced22245c.jpg"
expires: Thu, 24 Apr 2025 23:34:26 GMT
request-id: 176dab8e-88d1-418d-89d4-5e7f2db14a2b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 176dab8e-88d1-418d-89d4-5e7f2db14a2b
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 14:24:27 GMT
cf-cache-status: HIT
age: 441530
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d819ecbd56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/static/images/country/RU.png | 172.67.165.29 | 200 OK | 339 B |
URL: GET HTTP/3 global.akating.com/static/images/country/RU.png
IP: 172.67.165.29:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: akating.com
Certificate fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
Certificate validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: PNG image data, 120 x 80, 8-bit/color RGBA, non-interlaced
Hash: 793e22ff1f1919260bf5dfbfa4f49536 380584aaae3e07373545f567609e2dd3b0da1399 3155f1bcf967e2d240cdf21dab23ed98c92c2a4e9b77ccf3dbe9418c3ba053ca
GET /static/images/country/RU.png HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/png
content-length: 339
last-modified: Sat, 16 May 2020 04:28:08 GMT
etag: "8ed0c2663a2bd61:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HzGI0HfW6B8tUTdd55%2FM6KmVUMHdPiqtQStCrFYXw7oZLlAXSk5Zz%2FE%2BGWjMaOYt27C5qP9phRNlG0Y1G8nZJctR%2FzqwKjllNiTOTT24F0ijCB%2BDAokVOmvxqhbo3LeHmTjVEaA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d81a2bc1712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/files/ExchangeRate.js?v=cac22025232-20240425 | 172.67.165.29 | 200 OK | 3.1 kB |
URL: GET HTTP/2 global.akating.com/files/ExchangeRate.js?v=cac22025232-20240425
IP: 172.67.165.29:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: akating.com
Certificate fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
Certificate validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: ASCII text, with very long lines (10593), with no line terminators
Hash: fc715516fb030cd6858f16981ad2650c 9dc67c87ac8e4933d978c9b11a57b61d0755c6a2 c17ded04681c173e9e34c83d8666542405c276bf078da5ec06adf12ac815bbe7
GET /files/ExchangeRate.js?v=cac22025232-20240425 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 20:40:27 GMT
etag: W/"802f711e3b22da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p8ACOLQfeXwt2KgazPwL3BPtwX78KB1r9oaqkYe03yZxGuim9YCRfbz%2FXNmv3lo0lf8EIyzx6X4XG85mZRLktA00DRHxtqeaePV2XmzqXVEcs746XPCLbfpyzi1u9wCYz0y%2FyxU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8068856b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 5.9 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: rosequake.com
Certificate fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (1299), with CRLF line terminators
Hash: c4ab6fa36490a0cccc26ac7bbdd04c89 84c2e019f93a8db7c1607d6d9a74e3f2f9f11e00 f83b8845cc1020d205c0e74e9d68882bdda292334a8d4e4c9cddf5d7ce07e3d7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/jquery.elevateZoom/jquery.elevateZoom.min.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:44 GMT
etag: W/"0b2bf316db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NhJ%2BvAH4fmZFdIEcxnYKs8x1vWr%2FLOUKwjJz1xiPk6NH6gcsUv1yHq0ifo8h9FQiAn%2BJTq8xC5N8kPdTcv3sUgmIaxaIUAdLC3656X0xW4DYQAvqiwnszR6ExQU4VEEISb9hPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8059b6b56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/859b076550ebcc4204818a464b0e76d1_100x.jpeg | 104.19.235.103 | 200 OK | 5.0 kB |
URL: GET HTTP/3 img.staticdj.com/859b076550ebcc4204818a464b0e76d1_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: fe7359946541eae7f72fc32fb9a8647e 9a842bc5c44da6841d3de24a2bc4f3eb59d0fb11 251cb6002ca819e00a40ee07169c137d113f6eea202dcd480cf3d463d9ec5f7d
GET /859b076550ebcc4204818a464b0e76d1_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5026
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="859b076550ebcc4204818a464b0e76d1.webp"
expires: Fri, 08 Mar 2024 06:51:30 GMT
request-id: 8d3d0442-ee35-4251-8a02-9d12f670b57a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8d3d0442-ee35-4251-8a02-9d12f670b57a
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:51:30 GMT
cf-cache-status: HIT
age: 3398663
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tp5rydALeuJB08KaL2lhq7B%2FSs0jdx9l7UPwgZE%2F3e97gpZCItDJ40A%2Bi0%2FI2AFW%2BCI1r%2BBHuE1Bolwo06RbaBW045YXum6F%2Bc%2F0yXYpT2PffL5Q82XHrt8gZqcO8Sfq%2BN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=14.999866
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a2b971c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/d4a340ce46744f358a4d324fe7dffc27_100x.jpeg | 104.19.235.103 | 200 OK | 4.0 kB |
URL: GET HTTP/3 img.staticdj.com/d4a340ce46744f358a4d324fe7dffc27_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 1d1cc3259f964e63a095acd3d0d2d3fc ad510ac4bbed99617c82f067b4ca0319c2dc792a d7f6a4632b5fdd255e7360c4dba402fab4a87ee8ec97afe519872eda47937065
GET /d4a340ce46744f358a4d324fe7dffc27_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 3998
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="d4a340ce46744f358a4d324fe7dffc27.webp"
expires: Wed, 10 Apr 2024 15:24:27 GMT
request-id: 48869618-ef5b-41ce-abb6-04bf991914bb
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 48869618-ef5b-41ce-abb6-04bf991914bb
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 14:24:27 GMT
cf-cache-status: HIT
age: 887737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6f4mU3lEvRjpnw2cQavYRfgvs2b4lA8zckfsdQOVrH%2BkYvCH96wq5xDqsLTfg4b5fNTjezyYPk4MMQMWG3dAsjkwfla%2Bdh1yxpMRysP2zCoCngdnm8w3JZW08Or0vjrqpEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=14.000177
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a2b9a1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/static/images/country/US.png | 172.67.165.29 | 200 OK | 1.7 kB |
URL: GET HTTP/3 global.akating.com/static/images/country/US.png
IP: 172.67.165.29:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: akating.com
Certificate fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
Certificate validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: PNG image data, 120 x 80, 8-bit/color RGBA, non-interlaced
Hash: 8d4c6abfb5a2710d832c9ccefe0aee40 fdb1f9fe27953b701fbd8c37b201c99e33910d77 4a22c5ebceef499edbb389f78c5d81fd3b1fcb43528adf5fb00fc40e2d9205bc
GET /static/images/country/US.png HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/png
content-length: 1662
last-modified: Sat, 16 May 2020 04:28:09 GMT
etag: "2afc4673a2bd61:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2FJU4meKXEck%2BIumrW6qPHr2fy1R7%2BDj1EbB6O1zx10xrgLUqI3B8vj4uKjN3%2BAKOnNCTLUMB4SOeEnmEOXivkiy9nZEkYsL3vv7Qtzijuxy3QDmtZ7cI%2BmiSyfPjZ0GGp%2FOGOQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d81a3bd9712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/f8e07c16204b3275d317716ba745c3cb_100x.jpeg | 104.19.235.103 | 200 OK | 3.9 kB |
URL: GET HTTP/3 img.staticdj.com/f8e07c16204b3275d317716ba745c3cb_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: e152e1ef0f56a2cdcc94c35f82e65e39 2799d8ae9f98950cbb9b483b008c00cca0261f1a 6a24447bb7aeac36ea1f562d25991e8391ff58f622522da6c967a7c903bbb497
GET /f8e07c16204b3275d317716ba745c3cb_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 3870
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="f8e07c16204b3275d317716ba745c3cb.webp"
expires: Wed, 06 Mar 2024 20:06:11 GMT
request-id: 08561db1-25ba-4ce8-aa0e-dd4306916683
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 08561db1-25ba-4ce8-aa0e-dd4306916683
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:06:11 GMT
cf-cache-status: HIT
age: 550724
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BXW81AMEyJAEdldz93SqKvOyH%2B1ON28AlxuO4HRqGV3i0hRhY6qIvIXanqQUwVzLkGNuXe2HQtWlMzXCbvLiDEI0TgyoYCf5zWTDHMD0LDJVeTI1cLcTOxLtmF9QYzoyBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.999981
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a2b941c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/c0e7c8a730a4dd28ef807f72cb292f64_100x.jpeg | 104.19.235.103 | 200 OK | 4.9 kB |
URL: GET HTTP/3 img.staticdj.com/c0e7c8a730a4dd28ef807f72cb292f64_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: a24b8f7ca9b2b2aa64f93a540efe9367 30e1c9048df38990b9d0dd4e63388d82d5a237ac 6cc5bcbbbda841e4d9d4aaa923c8f32bf7eb70d4a92a19238ea4be7c34f23e67
GET /c0e7c8a730a4dd28ef807f72cb292f64_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 4856
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="c0e7c8a730a4dd28ef807f72cb292f64.webp"
expires: Wed, 10 Apr 2024 15:24:27 GMT
request-id: f9882d34-330a-4335-96bd-ebfd0894ba77
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: f9882d34-330a-4335-96bd-ebfd0894ba77
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 14:24:27 GMT
cf-cache-status: HIT
age: 654980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SbLYcW9YJprv1R5d%2BcYJar093ZYzyDxqFwJJpoS2DbV%2FGaqBnAQlKLi8E1HbVCsWEKW5iBAUlIHfobhiZ2vPoDv2kFx0qblXGpZ%2F6iPkHFWdgf2ODUFSKXNmGWFsQXfxfkY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=22.000074
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a2b951c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/0bca6197e2f237c278b094fbf18ce611_100x.jpeg | 104.19.235.103 | 200 OK | 2.3 kB |
URL: GET HTTP/3 img.staticdj.com/0bca6197e2f237c278b094fbf18ce611_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 4931fc397659b100726fa8468f144f8f 3a1eb1ce848c415578bbb343c507d990230bf3c0 aa252b2ee479b70900739c527fd08ace6585df0d0c6f58b4dabaea18b75d1713
GET /0bca6197e2f237c278b094fbf18ce611_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 2348
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="0bca6197e2f237c278b094fbf18ce611.webp"
expires: Wed, 06 Mar 2024 23:33:57 GMT
request-id: 8a1c6abb-c6aa-4ba2-874e-3343a53532b1
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8a1c6abb-c6aa-4ba2-874e-3343a53532b1
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:33:57 GMT
cf-cache-status: HIT
age: 2540107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HxEswWyUH1XiTldeaOt3Xw0uLZPkuIcacZGSW9ugM1kBZZYn77y6Sp8MkJzZhE2B1Pfv29XmdcQ0FBdUrfJ4zIl3NJ44xHgKvf14OacUH0Y8pw5vJA47vohtRa9VlGyfNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=14.000177
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a3ba51c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/b63ef38ff60cb0522be49f9cb061aaa9_100x.jpeg | 104.19.235.103 | 200 OK | 7.9 kB |
URL: GET HTTP/3 img.staticdj.com/b63ef38ff60cb0522be49f9cb061aaa9_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: ecbaf1b4d3c71b95ddae6fd5fe22043d 2fe54209b696f37c0487e58e81c0e66d717aef9c 986a8f15245e0a37283c7d0cd57318ef01120a17d974f4e34f3dbc09b98cb50c
GET /b63ef38ff60cb0522be49f9cb061aaa9_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 7886
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="b63ef38ff60cb0522be49f9cb061aaa9.webp"
expires: Wed, 06 Mar 2024 21:09:38 GMT
request-id: c13116fa-f8f4-46c7-8df1-b5360a7d9752
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c13116fa-f8f4-46c7-8df1-b5360a7d9752
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:38 GMT
cf-cache-status: HIT
age: 550724
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hgpBcHwDbtXmcJ45yMic8ofFQi9zRvtHdyLbBkF9F6hfXvfwmEQeIGegbtuUg5MKdyCBXjiGpqF6vj%2Bqp%2FX%2FeKqdtTdPk55BZThQ5VbjqYx1347HfoxZaLuWBGYy%2Bv7fFCo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=18.000126
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a2b9f1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/509669b0dcedb24946c68f508b7d15b5_100x.jpg | 104.19.235.103 | 200 OK | 2.0 kB |
URL: GET HTTP/3 img.staticdj.com/509669b0dcedb24946c68f508b7d15b5_100x.jpg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 9da0c50c4f73310154a41d291b29e96e 4d00ccf2f146b253300004924818e182e9c1fe39 4ef972704c40f6af71e86ff5e3d7beb1562430de320bb3e749d083efe4d67032
GET /509669b0dcedb24946c68f508b7d15b5_100x.jpg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 1966
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="509669b0dcedb24946c68f508b7d15b5.webp"
expires: Fri, 22 Mar 2024 14:00:33 GMT
request-id: 585b675f-aeeb-46df-b84a-8006e16277cc
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 585b675f-aeeb-46df-b84a-8006e16277cc
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 13:00:33 GMT
cf-cache-status: HIT
age: 550724
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nRzB2oDZnJoOzKTS49BRlSL6Q9YjEEKwM%2Bwl4B1jBFKQan14Cr5ZXX1IzOxoO37pGgO8haEtllK%2Bt48lrlVgxwUInI6pMcaZHqssQvx7%2FO433aHXnKG4NyTSICmuXDztfrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.999981
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a2b9b1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/06492e93ca2119d0630f802a7e1ff44f_100x.gif | 104.19.235.103 | 200 OK | 4.8 kB |
URL: GET HTTP/3 img.staticdj.com/06492e93ca2119d0630f802a7e1ff44f_100x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: b6f2cf67555c16d87455ae59d30772db aa5335a17b64cf596791f2212f6b38181ed870e2 efdd757999715a9a87df5aa50e8bec49252c4278d34779a911ffe5697ac957ed
GET /06492e93ca2119d0630f802a7e1ff44f_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 4790
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=8611
content-disposition: inline; filename="06492e93ca2119d0630f802a7e1ff44f_100x.webp"
request-id: 46cf847a-596c-4725-bbb9-31c6f19098f4
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:44:04 GMT
cf-cache-status: HIT
age: 1143700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XAQNaGhNWXbEdhy%2F1JLuj7exvPAiEAqH%2FM2GCj5EcPhZjZXDSxY9WQpFk2WxehmfLHNweG5%2BFWlIR5kxvE7ug35tgoMmXEN0Hu8yVfO7wDm0OsvYI7K9BhgiB0XOy0Bx820%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a3ba71c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/dd2f847011f9155460b01f52deeed91d_100x.jpeg | 104.19.235.103 | 200 OK | 7.1 kB |
URL: GET HTTP/3 img.staticdj.com/dd2f847011f9155460b01f52deeed91d_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 1128c40e76cd48449ad772f6e19089ac 2d8d89e3b76cae4f2035e8b14ca339d19784ba2e 6a8522e0ed15bebf6fed9dc5256fdc72afbdf6a3e272bd2ccd6f33b7be7b114c
GET /dd2f847011f9155460b01f52deeed91d_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 7094
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="dd2f847011f9155460b01f52deeed91d.webp"
expires: Wed, 06 Mar 2024 20:02:00 GMT
request-id: 318844bd-34b4-4d5d-873f-44fa6cab3acf
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 318844bd-34b4-4d5d-873f-44fa6cab3acf
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:00 GMT
cf-cache-status: HIT
age: 1072223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMixb%2FSVecRcrBIs1ZPQNnNDal%2Bh%2FI7ca38IcVSZYIX6%2F1TLHvyGbQZ2EB0FTjYj6%2B%2FKjWQPm%2FQF2bmXNhd%2BSqIrWRRxxDZz5ijNpVfK%2Fn3%2Bxeq1hPayig%2BdfRgHC86rfPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.999981
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a2b9d1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/bab7df84c94a403c00a0e4dc7dba2b59_100x.jpeg | 104.19.235.103 | 200 OK | 6.7 kB |
URL: GET HTTP/3 img.staticdj.com/bab7df84c94a403c00a0e4dc7dba2b59_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 9ea0fedf1d8f2c80fa822762ca4a6eae c92733b5af62413fcdfa7007ead0f231d690e01e 1d34b017428f695b9583036322927ee0d89e92a3bdd6cebe58c94fb043235563
GET /bab7df84c94a403c00a0e4dc7dba2b59_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 6680
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="bab7df84c94a403c00a0e4dc7dba2b59.webp"
expires: Fri, 08 Mar 2024 06:23:51 GMT
request-id: cacd44b8-ab45-4b81-bf1d-09f37840e4c1
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: cacd44b8-ab45-4b81-bf1d-09f37840e4c1
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:23:51 GMT
cf-cache-status: HIT
age: 2540107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLsJUfphdgJXdLLaooyohxZwLuKvbpjBLDsk6ThP%2BH5N1SVdYXXlZmsTKQa93ofX2YCHGcNsU%2BVpqMg2UNGhRsg98CavrJlkga%2FaospFCp2OqxuaUuHzYme7%2B9t3f1Cfo9c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=17.999887
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a3ba21c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/41b845def7e42bc7961689e9013d6eec_100x.jpeg | 104.19.235.103 | 200 OK | 8.3 kB |
URL: GET HTTP/3 img.staticdj.com/41b845def7e42bc7961689e9013d6eec_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 43fe7306dba178012b0dd66f571c08da 1101a6dc7beac9b33ac596fdac099426c2a2fadc 86c72c75bc10c29a434cfee02dcf017dbb7f43ca930d4172bdae036eff2d465c
GET /41b845def7e42bc7961689e9013d6eec_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 8294
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="41b845def7e42bc7961689e9013d6eec.webp"
expires: Wed, 10 Apr 2024 15:24:27 GMT
request-id: 6d91a8f6-6132-438f-b2be-ca5dfdd3da0e
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 6d91a8f6-6132-438f-b2be-ca5dfdd3da0e
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2024 14:24:27 GMT
cf-cache-status: HIT
age: 1143700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VAfaQAQ2uEvC55RyggrYpIw8u9UTud1KANi2JdSUwpw3tqobU7XUoL0UR3x8rV2tB7%2BoFxfJ59d30IKY2tBGg3xtX1Xt4ccr4XSm%2FzHFKEPF20rsy555A6Qgm48lmNhnGlo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=19.999981
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a3ba31c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/27779eaff6b7a7c50edbe7e82f0ad420_100x.jpeg | 104.19.235.103 | 200 OK | 5.1 kB |
URL: GET HTTP/3 img.staticdj.com/27779eaff6b7a7c50edbe7e82f0ad420_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 5705c377831b7547072fc32420d24220 d1f3502312f4fdb33b50608dbde7cd68e3c5d20e 057dea6dbb5dfbe45fd2e8c18e2cb44737e363a390142a2730bb0deb28ce5799
GET /27779eaff6b7a7c50edbe7e82f0ad420_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5056
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="27779eaff6b7a7c50edbe7e82f0ad420.webp"
expires: Thu, 29 Feb 2024 06:04:02 GMT
request-id: b63c18da-eb6e-403c-993b-cf15787dae64
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: b63c18da-eb6e-403c-993b-cf15787dae64
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Feb 2024 05:04:02 GMT
cf-cache-status: HIT
age: 4773981
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BVsAZEt1Gsji2tb5gA4IE6wBQO5hmwinogtbsDrlFheFoNFtVozaaHASFwitDC9K4rbZuVTKg3DEc0xCFFNVGp8nol5lNtteEktZ6QbH7G%2FBwfdkHZOjpVIfkQA67g532M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=20.999908
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a3bab1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/8da1e1a7efc32d52933797747822caad_100x.jpeg | 104.19.235.103 | 200 OK | 5.5 kB |
URL: GET HTTP/3 img.staticdj.com/8da1e1a7efc32d52933797747822caad_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: b8d6601b5dd6fced248d5ae1b3908f2c c7c69ff0ba15031f2054e75af3a5c64d0bbecce9 c488c65d3ca13fa9098c13f23f090838176968ccf0e4e5158a9943a6188fc864
GET /8da1e1a7efc32d52933797747822caad_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5468
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="8da1e1a7efc32d52933797747822caad.webp"
expires: Wed, 06 Mar 2024 20:02:02 GMT
request-id: 71063f1c-84a3-486f-93bc-6a350396ead9
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 71063f1c-84a3-486f-93bc-6a350396ead9
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:02 GMT
cf-cache-status: HIT
age: 550724
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVFGc7lN6gJV0mJdeiXW3rYvApySu2kbHcqvz7vC3erTM5nRiP3PYIU5vZbefvPOpaJyinLJE1zc3tZHPt1FzWp4KWUxk22Ao9IMbMZcJyPc1gfPou1JfWQMtOfo6G%2BvJLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=16.000032
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a4bb31c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_100x.gif | 104.19.235.103 | 200 OK | 10 kB |
URL: GET HTTP/3 img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_100x.gif | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: f2380f44185ac131e1c0006431820336 70cc1a582645574994f4c8ab0ee5dadd439a68a8 7abc9aea7d80701fd38d241fb1a79863a900a2abad12bbb4a969642b3f6d25eb
GET /de4fef1b05b5f0293d6da27bf9e0b08d_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 10206
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=15145
content-disposition: inline; filename="de4fef1b05b5f0293d6da27bf9e0b08d_100x.webp"
request-id: 41f84ad3-12b9-4cfe-891e-7be0fc0f448b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Apr 2024 21:57:08 GMT
cf-cache-status: HIT
age: 525559
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxSAIeL5wLVNwh6eXQI9joWshCP31ytdvCZtLZgNt2N4J0mcCH8uOMRfJUsT%2BhtmP4g8CYjmZMPt13R7e9KhVwtXjF0h4HlO9gOBpC5h1sJySPBBihZm%2FyIRdIJzL6UGJW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.999794
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a4bb51c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/9d9dbd8ea6715a73d4d5cb2ce1725091_100x.jpeg | 104.19.235.103 | 200 OK | 1.2 kB |
URL: GET HTTP/3 img.staticdj.com/9d9dbd8ea6715a73d4d5cb2ce1725091_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 1d17aa8bb93899e1ff114b3e6d7cb4f4 03fd77ee47933914aba1bc1372cb4df2f3302e9d 923d4264aa50ec355e4e7588c8c2b433e83cd800ea6fb7a45187572e7203196a
GET /9d9dbd8ea6715a73d4d5cb2ce1725091_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 1168
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="9d9dbd8ea6715a73d4d5cb2ce1725091.webp"
expires: Sat, 23 Mar 2024 09:48:21 GMT
request-id: 0fcdb0ae-b792-4518-b0ff-0be574989c20
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 0fcdb0ae-b792-4518-b0ff-0be574989c20
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 08:48:21 GMT
cf-cache-status: HIT
age: 550724
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FfILUQlUm38JNtTNUlGba1KnvE9Ezvlf9K%2FFrynKNVovzVoLkpCDB6dCx8HfDb0GAaIzW8Q2fBOhj8qAKyR7INczQK0rRL%2FnXIy6%2BOSWg1oSG6gBPdP56J8MVfG3tHTf3Xo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a4bb71c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/ff4edc9f8feb23fad74ef845533b1046_100x.jpeg | 104.19.235.103 | 200 OK | 3.1 kB |
URL: GET HTTP/3 img.staticdj.com/ff4edc9f8feb23fad74ef845533b1046_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: aea58abc1821b06e732cbf48902b0d3e fdc8d79a2c906037af1eb76bc3291c52356c12c7 f935a617dde7953226058623b60e00f0b3fd5041c12a10e440378868d5bbc441
GET /ff4edc9f8feb23fad74ef845533b1046_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 3142
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ff4edc9f8feb23fad74ef845533b1046.webp"
expires: Sat, 23 Mar 2024 09:13:55 GMT
request-id: 4191f7d8-81e0-4791-a9bf-5c0941007ec4
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4191f7d8-81e0-4791-a9bf-5c0941007ec4
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 08:13:55 GMT
cf-cache-status: HIT
age: 550724
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=923UW9YL4Bz7rliY1mV5si%2BUkqq0wvJzPqqSl0dPpqQKR5pzVEhgSzcErZ4cE9VQBag0E%2BkLX0XOl%2BVn7Vxu7AOS%2FNBjsTnmp01f%2FIT0Lsfgc8eLCuffpYPxd1FJD0Ru9xs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.000105
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a4bb91c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/b7ac1b47d7f7fc902a851d7f23e3dd77_100x.jpeg | 104.19.235.103 | 200 OK | 5.4 kB |
URL: GET HTTP/3 img.staticdj.com/b7ac1b47d7f7fc902a851d7f23e3dd77_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 9d0002b9d6279b0cd8aba311f21ad1c9 15ae4708187a343dd72d70b4891f676f0695ac75 42c7b978aac7e579e40943d18a132e2f33ab902d4d042eb0433254cb50c920b5
GET /b7ac1b47d7f7fc902a851d7f23e3dd77_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5432
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="b7ac1b47d7f7fc902a851d7f23e3dd77.webp"
expires: Wed, 06 Mar 2024 21:09:38 GMT
request-id: f9b05066-3cd7-4765-8590-cedeabdd4f41
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: f9b05066-3cd7-4765-8590-cedeabdd4f41
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 20:09:38 GMT
cf-cache-status: HIT
age: 550724
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8bkvv7Wf92rM01JVTQhO34fwF0c5afAqcRaIJiPsIX6XvZoS1PDiGrcs9xIxtLxHj%2Bqi8790HM3HEOO8szFVmGqUXvVDj%2BDouzQ9ofNxLLoP17mdn8%2BtrjtQOUBxUAkNAbU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=22.000074
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a3baf1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/e7a0a7e798092ef2c5aa9d37afa9af98_100x.jpeg | 104.19.235.103 | 200 OK | 5.2 kB |
URL: GET HTTP/3 img.staticdj.com/e7a0a7e798092ef2c5aa9d37afa9af98_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: e5ac08d5ca7814fda72e410b69e84e1a c30663198c84e979d505aa405c42492cf58c8c5e 99d82ef5165f59fb83a8fe8fcd6e1bf6b36ecf8d3f372b7e491d81dc01f6d901
GET /e7a0a7e798092ef2c5aa9d37afa9af98_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5150
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="e7a0a7e798092ef2c5aa9d37afa9af98.webp"
expires: Fri, 08 Mar 2024 06:35:35 GMT
request-id: 7c026fce-d467-4649-81f5-2803c1b12ad3
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 7c026fce-d467-4649-81f5-2803c1b12ad3
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:35:35 GMT
cf-cache-status: HIT
age: 887737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2F46T9%2FrCjLIwVPF2prmb%2FAES5l6knSB2xb%2BblvfSmPAAlzi2trtBUBpeNvzbgPrPeuNWdy%2ByUxjcknmVZcxEx1gs8%2BKMtor%2BShvk9rd9bTB%2F%2FMIiaZGDkIoUYWpfmpym%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=26.999950
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a3ba91c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/7d4637f42da9f26b0e94393645ca4f3a_100x.jpeg | 104.19.235.103 | 200 OK | 2.8 kB |
URL: GET HTTP/3 img.staticdj.com/7d4637f42da9f26b0e94393645ca4f3a_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: b8f3269a332fede9bb5f20b820297bb3 dce9378a49941c0a3406c312123779c87ee44f3d 7b90577cb4fa5037984994ace576984e96e26871816cb1663eae7a771923adbf
GET /7d4637f42da9f26b0e94393645ca4f3a_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 2780
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="7d4637f42da9f26b0e94393645ca4f3a.webp"
expires: Thu, 04 Apr 2024 20:19:31 GMT
request-id: acce577c-3680-4691-8d5f-34af43b5db59
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: acce577c-3680-4691-8d5f-34af43b5db59
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Apr 2024 19:19:31 GMT
cf-cache-status: HIT
age: 887737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRq4bnZql%2FtFK7dzu1%2BIQAMfPYQYBdto0yR%2FGi530YZ1amXEmWrmFVVjwk467qdhip4fpHiK8U1hz07h0XcR%2BkushPA8EKJhvNvF5rv7av%2FFBjjbonPjzieD6HH7cdsK4b0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=14.999866
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a4bbc1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/a3cda8b10a3f1c83bbf760b52726d866_100x.gif | 104.19.235.103 | 200 OK | 1.9 kB |
URL: GET HTTP/3 img.staticdj.com/a3cda8b10a3f1c83bbf760b52726d866_100x.gif | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: da5ad54473a7f27739e5ec1143faac0d 0f2fd05b65b04156154580bd264d2c94a3b6b90f 5f8a052bf202c49f27bd28c076cbf4a77554d45011911898e22a59ee2c23c4a7
GET /a3cda8b10a3f1c83bbf760b52726d866_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 1894
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=6250
content-disposition: inline; filename="a3cda8b10a3f1c83bbf760b52726d866_100x.webp"
request-id: 9e3b3106-e8c3-4a20-b571-36b6a88fcb23
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Mar 2024 18:48:13 GMT
cf-cache-status: HIT
age: 3398663
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DrqqlnkQJdrAUkhBADNCXCI%2FHkyf8RObbrr%2FTOvJ1bvFyROW3RyGiFWhIp7SKwiiXxpV16ZUL5wkL%2B7YqSYalREAjrfraaY0bBwC2%2FdoEFouvSDqJqGkdVgPgg5SFlZXTz4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a5bd01c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/f6ff1ab35c2b89fc58a2bf4e809179da_100x.jpeg | 104.19.235.103 | 200 OK | 2.2 kB |
URL: GET HTTP/3 img.staticdj.com/f6ff1ab35c2b89fc58a2bf4e809179da_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: f4e47c1bab71137930bee821d12ec9d2 78de080f41c8c2e96cc3c8b53446df6d0523562e b688a8cd498558db5d55fdcbefe1c1d1cac13119b0eeba82ea9643390ba4fc70
GET /f6ff1ab35c2b89fc58a2bf4e809179da_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 2234
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="f6ff1ab35c2b89fc58a2bf4e809179da.webp"
expires: Mon, 18 Mar 2024 20:54:13 GMT
request-id: 36c1f59e-428e-4905-a39f-6795cc028d9c
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 36c1f59e-428e-4905-a39f-6795cc028d9c
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Mar 2024 19:54:13 GMT
cf-cache-status: HIT
age: 550724
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgQ7FSoKoiqk8rjuv37ENy2omMvabjLQcVwogGWgGSL80JaZTHB8TD7Jbs8n0hvK3DMrvBWa4801iLA1y6EmRmYbq7XINq1daT1jstq8SH%2FO80ohX3c9xV4yEUpqfZU2uu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a5bcf1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/eb1c5479ebc24fcab7025b76859a14ae_100x.jpeg | 104.19.235.103 | 200 OK | 2.4 kB |
URL: GET HTTP/3 img.staticdj.com/eb1c5479ebc24fcab7025b76859a14ae_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: e0352f0066966ca91244aa5df1800f63 0784e3930264c7dec58feb8bc79ac7978bd41495 2803c73fe763d464c634a1b2a6e0daf9f021578eb8c98819972e0930f799af1e
GET /eb1c5479ebc24fcab7025b76859a14ae_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 2412
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="eb1c5479ebc24fcab7025b76859a14ae.webp"
expires: Fri, 22 Mar 2024 09:22:58 GMT
request-id: c84f91b1-f923-41b8-bda2-0f16a08eb483
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c84f91b1-f923-41b8-bda2-0f16a08eb483
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 08:22:58 GMT
cf-cache-status: HIT
age: 2540106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQ0SQwM7Af9T9f51R1RyHLWsp%2B05HHnYGLzhDLgefqx31lToWAP1e9kfKV74cQWVV6MAljZVDwGyaXYRjAgCYs4uBWNG4kxe%2BhivKtIQn1f64sSNrqUqWjDiKyl5z4qs8jw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a4bb81c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/debfb8e4dacf20f6c4af762c205ab1e5_100x.jpeg | 104.19.235.103 | 200 OK | 3.1 kB |
URL: GET HTTP/3 img.staticdj.com/debfb8e4dacf20f6c4af762c205ab1e5_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 22e1aa1d218c8b6ed19fbac3879737e9 09b90ce6e7ea66d455f65a0bce5f98e33d1e2732 a58dfee137102ebbdf58f3d24b1565616c46adf0d47cf7dc034dd5a1ec9ab1fa
GET /debfb8e4dacf20f6c4af762c205ab1e5_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 3102
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="debfb8e4dacf20f6c4af762c205ab1e5.webp"
expires: Wed, 06 Mar 2024 20:02:05 GMT
request-id: 4410643d-c9a2-4c3c-bb3d-8fc78711e4dc
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4410643d-c9a2-4c3c-bb3d-8fc78711e4dc
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:05 GMT
cf-cache-status: HIT
age: 887737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=luJTEiZT3%2F6sHLiYhgEyvFHW3Ads0WMCEoINEGXgQFetWsIkdFyix%2BwcP0iVDKae0LQ5tPDYKv1AFWzfBvdoc8%2FKxZ5ZXJ0mwLhajDcYOKI8ZBKu5pR1oI%2FE%2BjGuE04%2Fifs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a5bdb1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/390237f8831322dc5db1f4a87c8d4cb4_100x.jpeg | 104.19.235.103 | 200 OK | 2.4 kB |
URL: GET HTTP/3 img.staticdj.com/390237f8831322dc5db1f4a87c8d4cb4_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 309e70a7e11577476a73c203935caa99 d702149af3fa2dffc6f697e2cdb9ea265cb630b9 ff535ef033b0e906e7fabcb17346c61b1018068b4f358a71c345bb67fa0ac5dc
GET /390237f8831322dc5db1f4a87c8d4cb4_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 2370
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="390237f8831322dc5db1f4a87c8d4cb4.webp"
expires: Wed, 06 Mar 2024 23:34:19 GMT
request-id: 2ca2ae89-7d89-4074-b3c9-d1f6bc901230
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 2ca2ae89-7d89-4074-b3c9-d1f6bc901230
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:34:19 GMT
cf-cache-status: HIT
age: 887737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XaF2WxVoTpFDDks1AAWebVt3V5eFIFahr2%2FvU6WMVG8LL1%2Bp8J549MBZ8cnLz49gOo5kcncrXkWKJnpI%2BeZjIM8Q4pYNXkAj9Y1H0OcnTYpUHKy8eAS1Le3cFQSmWAB76H0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.000105
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a5bdc1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/2be646a2364d0fd4ada1c0df823e96e6_100x.jpeg | 104.19.235.103 | 200 OK | 2.2 kB |
URL: GET HTTP/3 img.staticdj.com/2be646a2364d0fd4ada1c0df823e96e6_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 500eb6360bf696f982722d078af4f7b0 8a8da7948e09aa85a5f9295070000b4951b35c70 a073b9f4ff059d81451655d61a79f76de5c9d1d5fbca61fbfb70cd8095c25fee
GET /2be646a2364d0fd4ada1c0df823e96e6_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 2214
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="2be646a2364d0fd4ada1c0df823e96e6.webp"
expires: Mon, 18 Mar 2024 21:49:24 GMT
request-id: 5e4ab6f5-c2b0-4a14-a5db-0bb55f28a9a2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5e4ab6f5-c2b0-4a14-a5db-0bb55f28a9a2
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Mar 2024 20:49:24 GMT
cf-cache-status: HIT
age: 2540106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BZl6F8GKtY2WjkgvotUgurRyxg%2BS%2FMxlGNzZkTxFtLz4HVZKKnUYeS1TsuXxPLwymGuWm5GcijdMyGf4eNDES8sd3PcYDM2m5%2FKPe54xTmdVQkMypPkyIEa2WJo3x4h%2B780%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.000105
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a5bda1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/84cc7e684561de314cde018b6a020908_100x.jpeg | 104.19.235.103 | 200 OK | 2.6 kB |
URL: GET HTTP/3 img.staticdj.com/84cc7e684561de314cde018b6a020908_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: b79df0caa544f5f6dd9109393e98b81b fc9af4731ac7003396090d5b9452df202d66de51 6e1dbf2a2d6374ae56638eb40ab6fa2008585d6b9497293f90acc02824e7640c
GET /84cc7e684561de314cde018b6a020908_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 2578
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="84cc7e684561de314cde018b6a020908.webp"
expires: Fri, 01 Dec 2023 12:54:38 GMT
request-id: 12b9e180-b02a-41df-9722-6125d9734dea
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 12b9e180-b02a-41df-9722-6125d9734dea
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Dec 2023 11:54:38 GMT
cf-cache-status: HIT
age: 4773981
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qPrxhbJn9R6hajg5QWSlyPrJQTDA226g5%2BsGyxGyozd3S6Zpyi%2BEACORu%2B4PmXxLpIytNZ%2BqEZoYk9dxCR6VPRKVrCIKj1AKsqOlwQi%2FE4bOXv7EYGB%2FI%2Bg5s8A%2FhJphIvo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=14.000177
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a5bde1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/ca7576731760e11e12dcc5eb9f3744fe_100x.jpeg | 104.19.235.103 | 200 OK | 5.3 kB |
URL: GET HTTP/3 img.staticdj.com/ca7576731760e11e12dcc5eb9f3744fe_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 612cb7dd2d785cb4784a26df05e4b5c7 bae921244322088a1f3d1a48f8074c12beb47de1 2e054dd90deba4cf6fcbf8af70b65216afc754d593a7bf110652141a24303cc3
GET /ca7576731760e11e12dcc5eb9f3744fe_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5300
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ca7576731760e11e12dcc5eb9f3744fe.webp"
expires: Wed, 06 Mar 2024 20:02:06 GMT
request-id: c91ce225-31a4-4870-b20e-e8d02fb2c2ae
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c91ce225-31a4-4870-b20e-e8d02fb2c2ae
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:06 GMT
cf-cache-status: HIT
age: 2249389
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4hv0phFC14Ks2maxqp0X1zN14U7IWBneerw9v7b9JJKrL%2BTpUTbT7z5LWClbjJZlpMOSOBist%2FmrRH8qdIkm5B57iL0l7yDIr7iroLAsvcXQl9qn5zc6giGFFHuq6ncFgk8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a5be11c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/dd51b3cbd397fca23e13c19abea4b9ff_100x.jpeg | 104.19.235.103 | 200 OK | 5.5 kB |
URL: GET HTTP/3 img.staticdj.com/dd51b3cbd397fca23e13c19abea4b9ff_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 5a7decf8f4229f976e0140f63c42c3c9 8fed3d8f86165021156bee40a499d58b0f7f783e 083cd65b8a726ca0b91db7d07ab3199f2a5509363270f788adaa2068941a6768
GET /dd51b3cbd397fca23e13c19abea4b9ff_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5476
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="dd51b3cbd397fca23e13c19abea4b9ff.webp"
expires: Sat, 23 Mar 2024 10:43:57 GMT
request-id: 70eacc54-d9cf-48cb-b85f-803d469a64ae
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 70eacc54-d9cf-48cb-b85f-803d469a64ae
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 09:43:57 GMT
cf-cache-status: HIT
age: 525559
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dr0YKRNHvOLk5jyU5%2BPJzUEpm7CApRe%2BfxYehhknZ4CrFB8Qg21uWUGR9F0MDvKn5EgmtHDR%2F4tW7OqyHrM3osGp0Y0tyWFBCL0wG%2F8FQVXzXcgnUmrMs8YVUkKar%2FtF66g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.999939
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a5be21c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/de5a984e245ee620a2f7c425177d3d4b_100x.jpeg | 104.19.235.103 | 200 OK | 5.3 kB |
URL: GET HTTP/3 img.staticdj.com/de5a984e245ee620a2f7c425177d3d4b_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 9d1b45ee034353742e39192622718559 bc2436642677db17d3832e4fa7b8e0a4422bbbc1 14a610e1f8e437b27b40ced462fd8d895c8dfe222f18b759025349d2a09e06f1
GET /de5a984e245ee620a2f7c425177d3d4b_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5296
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="de5a984e245ee620a2f7c425177d3d4b.webp"
expires: Wed, 06 Mar 2024 22:17:41 GMT
request-id: 8be29516-538c-438d-b26c-69e3d41ea6b9
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8be29516-538c-438d-b26c-69e3d41ea6b9
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 21:17:41 GMT
cf-cache-status: HIT
age: 2540106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QL2EceUruwnUKJxSpVWXeCNewgQRI5Ar%2Fr4%2B10MLtiTVG9VreAJcHUNad5%2F5M2An0mQT3HdNy%2BJBechmY8PxBY4OY2vrFwh2uKTX45ZOjLiQf7OJpgmAL0pb3pFdnqoU0AM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=39.999962
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a3bad1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/df40a88624b210c98b1d8221f8539b79_100x.jpeg | 104.19.235.103 | 200 OK | 5.6 kB |
URL: GET HTTP/3 img.staticdj.com/df40a88624b210c98b1d8221f8539b79_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 46416c5ba10e11325d905a330124ad6f 32ba931880dc2a4f250d2b25e164b6418153a5f2 231f73b33d461b965eb8aad74a34c69c5dca0b2c27858c7f852bd554aa3d5d77
GET /df40a88624b210c98b1d8221f8539b79_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5590
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="df40a88624b210c98b1d8221f8539b79.webp"
expires: Wed, 06 Mar 2024 23:44:04 GMT
request-id: 3c23a506-97e7-4fb5-8103-dd939a5e9817
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 3c23a506-97e7-4fb5-8103-dd939a5e9817
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:44:04 GMT
cf-cache-status: HIT
age: 2540107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWWns3HfTLC69vIP297Q6aLcKNYrRJFqWc%2Bihe8nVVnhGQ5d84wzCF6z68opTUzZBiDnUCT9JUuHyWmbB6%2F7NC7RKp0gT2GNTORhiDZNAMl2cK6pX0jSoiDsB8FxxQ23%2FW8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=16.999960
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a6be41c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/starIcon.png | 188.114.97.1 | 200 OK | 2.8 kB |
URL: GET HTTP/3 www.rosequake.com/images/starIcon.png
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: rosequake.com
Certificate fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: PNG image data, 80 x 96, 8-bit/color RGBA, non-interlaced
Hash: 80b32f34f8b4a9310abfc8d91ca5a6f8 29b5f72686bfe80f4f1ed1ad4765645285cc13c2 74c692972ae3c1c83ac74969fc5c7891d5de6abdfb69625a21a2e777739bb16a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/starIcon.png HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240425
Cookie: _gcl_au=1.1.68093794.1713980064; _ga_B1QS3P765Z=GS1.1.1713980065.1.0.1713980065.0.0.0; _ga=GA1.1.1956862707.1713980066; cf_clearance=ud4b0tQM_RPRYCBzel8WrYCy3OCdM2MqVtBAgN7TT9c-1713980066-1.0.1.1-OnuGn2oEFweWO2770CCul0RU4shkIZV_VsW5NlbBGmUgXc5lUkyUmQhMH8G0U5DrALg0DTz2P71A0OF7GMURzw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/png
content-length: 2824
last-modified: Thu, 17 Aug 2023 21:46:57 GMT
etag: "8f436e5854d1d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 3809
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSI1i5jTg5Aa4B9%2BboVJWDf9x5ZX7vrTgsDSyVj3hq0u8ySyvbbhBtF8f0g97SWUUxWICyyJ2Yems8h47Sa4dEuPqs%2FnB9eB%2FLBR5%2Bu2o33Ow9v8N0KZNAT5NgQXQzULuWtFtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d81a7c3f56a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/74ef331e09d70cfa31f8b60255227d84_100x.jpeg | 104.19.235.103 | 200 OK | 4.4 kB |
URL: GET HTTP/3 img.staticdj.com/74ef331e09d70cfa31f8b60255227d84_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: b050e4ba5a7966a4debaee837cea66de 892a45a8ee95cbdebd36b255b333f88468681726 3954ae88fb4fcc818e9f86f16fe903f84261d493e074d4ddaa137d9f5b4c3827
GET /74ef331e09d70cfa31f8b60255227d84_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 4384
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="74ef331e09d70cfa31f8b60255227d84.webp"
expires: Mon, 18 Mar 2024 20:54:13 GMT
request-id: c978d044-650a-4502-ae47-a73966d88ec0
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c978d044-650a-4502-ae47-a73966d88ec0
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Mar 2024 19:54:13 GMT
cf-cache-status: HIT
age: 2540106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yu3sJ1Pj%2Fo0RvAEn2vQT2kRGI9BVYKt%2FKp%2BbQf%2F2YoDKAHx4y96pff6GuYC5bfTbo9FKIuDcn90zzyQ8pw59AvvMrNMq%2FpMOU74TlMuLo5vYleJ041%2BwTQLr678jlPqdqCY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a5bd71c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/b2439535bc4d1194f5e3698c8beffa37_100x.jpeg | 104.19.235.103 | 200 OK | 6.1 kB |
URL: GET HTTP/3 img.staticdj.com/b2439535bc4d1194f5e3698c8beffa37_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 00ec29b63d622a98dd7cc28600480349 7489431bd7be61d351cd4e8f1d635aa70074b9c6 7f40e82134f1f1cbe7a47a2911c5d13d3fe65fec874f3e6e2ce7dc5cf8d1603d
GET /b2439535bc4d1194f5e3698c8beffa37_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 6056
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="b2439535bc4d1194f5e3698c8beffa37.webp"
expires: Tue, 19 Mar 2024 12:01:08 GMT
request-id: 7375877b-f21a-4430-a92a-e6751d248376
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 7375877b-f21a-4430-a92a-e6751d248376
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Mar 2024 11:01:08 GMT
cf-cache-status: HIT
age: 2540106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BapIsgpJSH9uMo0%2BSFVzIp%2FLP9%2BwgTVbWs5ma13Sirvs3uWXKTnEYdsUGa1aZg9u01JPgZbAXXy%2FWZJL8l3RCfkONwiAS%2FfNztnT2MuCCdCC6glQw1a5nBemmNLIk8HalLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a5be31c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/d31eb7a33614c54bc564e6fd60428233_100x.jpeg | 104.19.235.103 | 200 OK | 3.4 kB |
URL: GET HTTP/3 img.staticdj.com/d31eb7a33614c54bc564e6fd60428233_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 9f110dfa3d480cb689b095677850243a 9830750faf525ce0895bb1a05c7dc36f6df31645 3ce3f447f9a267e4d7d9b182ef3a390cb448732e9832bd6048ed1b692e1fbaad
GET /d31eb7a33614c54bc564e6fd60428233_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 3392
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="d31eb7a33614c54bc564e6fd60428233.webp"
expires: Fri, 22 Mar 2024 13:20:10 GMT
request-id: 1e31eb3f-bdd5-4ec0-a3cc-aa75dd7ca298
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 1e31eb3f-bdd5-4ec0-a3cc-aa75dd7ca298
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 12:20:10 GMT
cf-cache-status: HIT
age: 887737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRR%2B4sW6wuLTtGBMqm7Xa6sOIH1MwkUDecpGZlWcEnsxJae%2FrGf%2BjRYLbmAsPDYQUg%2F1rPcdzAgDhTWGPbdTVTgG%2FgHbBekVZhQlM7k%2F3ceIFfwaY41WsppREwmxpHMwUZw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=14.999866
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a6bfa1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/2aa3496fd6f3aa7cf73f523f4eeac087_100x.jpeg | 104.19.235.103 | 200 OK | 3.8 kB |
URL: GET HTTP/3 img.staticdj.com/2aa3496fd6f3aa7cf73f523f4eeac087_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 4238b0b941b556b27d945b8f137fa635 f7df95772c3c8807f8476058e764de4c9d8d5c2e f7d77298c937ae5c90b3d970f8f2c5e7b723e40bf79de6269bd9229b54918884
GET /2aa3496fd6f3aa7cf73f523f4eeac087_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 3788
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="2aa3496fd6f3aa7cf73f523f4eeac087.webp"
expires: Fri, 22 Mar 2024 09:22:58 GMT
request-id: 5859122e-b02d-47b9-9fab-cb93dcc0f697
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5859122e-b02d-47b9-9fab-cb93dcc0f697
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 08:22:58 GMT
cf-cache-status: HIT
age: 887737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cqoxsih1UWK37h%2FAcSmIpRpq1VppnwQlQ%2BjTH5tjrG0YWGkETy6jdkcV%2B2%2Ba0s4IUdv56Tb7sJtLDCJCPddSuNyleuUG%2Bm1dvScfiM%2B8hRLpc0lKxrPlE8Rw3q9l6EtI7SY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=16.000032
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a6bfb1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/54fe4a6cce98f14244804e0c43ff48d0_100x.jpeg | 104.19.235.103 | 200 OK | 1.9 kB |
URL: GET HTTP/3 img.staticdj.com/54fe4a6cce98f14244804e0c43ff48d0_100x.jpeg
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: c2f88f71eee4da1c3a42c6b7ef72668c 862e9da4023b60dffa58d4e725506240369df751 147c70483c2776c5aeeada3e45e6f07ab92b1bcc68753021e59988e6fa2bdf27
GET /54fe4a6cce98f14244804e0c43ff48d0_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 1904
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="54fe4a6cce98f14244804e0c43ff48d0.webp"
expires: Thu, 30 Nov 2023 14:13:56 GMT
request-id: c51b5f37-806a-461e-8cb5-55238ceaf532
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c51b5f37-806a-461e-8cb5-55238ceaf532
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 13:13:56 GMT
cf-cache-status: HIT
age: 4773981
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wOLv13G4Kv0uzw%2Ft74PiLE8bEwsfM17wp6FTRYKmJjEQyGpfgLebe0ZXnq6csLxPqLrBO4v7L8uEAWrAGB068lmr2npBYvsdinLUltN2w3LM%2FNHMaEhhJC5btnaEmrV8KiQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=16.000032
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a6bf91c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/dab6e69237c3b8b86ad69740387af70a_100x.jpeg | 104.19.235.103 | 200 OK | 3.5 kB |
URL GET HTTP/3 img.staticdj.com/dab6e69237c3b8b86ad69740387af70a_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash af0fa7b3c972b176b247e43da921cdf9 d6625b8fa81f90dc54770cb644e78dc5706ec582 53198496bd049832588634b7b28494d029a6e95d2f95cc63a3a315cce1af7cac
GET /dab6e69237c3b8b86ad69740387af70a_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 3504
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="dab6e69237c3b8b86ad69740387af70a.webp"
expires: Wed, 06 Mar 2024 22:17:41 GMT
request-id: 4509fb2d-c2be-4abc-bd5a-f88a629cbc33
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 4509fb2d-c2be-4abc-bd5a-f88a629cbc33
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 21:17:41 GMT
cf-cache-status: HIT
age: 2249389
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAhv7u%2BeUitnQMrmaZVesDrj3JRhtBPPw3%2Bsf4QvRIEmEE9iH5uxD9eLXVXtYMClh3Ub1ihH8Poc0Gx8ZvUmBwji0T6oZIEIu5kfT%2FSxma8%2F99yKPiJPNw7dzc8dTJi9ihw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=16.000032
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a6bfd1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/d4c160624c8818a0376061feb47462ac_100x.jpeg | 104.19.235.103 | 200 OK | 5.7 kB |
URL GET HTTP/3 img.staticdj.com/d4c160624c8818a0376061feb47462ac_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash a563f0adf30eba05a3ed6048fe85411a 936e77c87224f2a0ea9c1b547f2feba39ec00143 95486c5aecb81d6bf32bc7b71900a4949329a1aeb98e40985a52d41030f63617
GET /d4c160624c8818a0376061feb47462ac_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5672
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="d4c160624c8818a0376061feb47462ac.webp"
expires: Thu, 21 Mar 2024 10:36:40 GMT
request-id: 378762c7-f82b-41f8-a808-70b3e4f19049
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 378762c7-f82b-41f8-a808-70b3e4f19049
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 09:36:40 GMT
cf-cache-status: HIT
age: 2540107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UxhZ3HmjcfhIaW1NF5jzIZiIConswtRK%2BS1LO97P8Q4sBANy17KIcVBBpCmqTzixP%2FQ1bZWxgS0l76E7gpVC%2BgrQvhu6xFao4lm4YDKJA2cxqaKAzGTx9slp3KGIr3xDCB0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=16.000032
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a6bfe1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/8a173242d6b06f7e37d207e9a52fabfe_100x.jpeg | 104.19.235.103 | 200 OK | 7.1 kB |
URL GET HTTP/3 img.staticdj.com/8a173242d6b06f7e37d207e9a52fabfe_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 843d4c52ee68e2a33c80d1f765aa9f8f 9dbdcdc3241892b89f0d2c9d15a3af3cd2cb818a 3aa500027d61aebc2c869077a3557c875fa2ce2d8b6e68d06bcfb40053fff457
GET /8a173242d6b06f7e37d207e9a52fabfe_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 7070
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="8a173242d6b06f7e37d207e9a52fabfe.webp"
expires: Wed, 06 Mar 2024 22:17:41 GMT
request-id: 5771b02e-9e4b-4d38-b5db-a5fa40cbd19b
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5771b02e-9e4b-4d38-b5db-a5fa40cbd19b
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 21:17:41 GMT
cf-cache-status: HIT
age: 887737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDFfeh6y8FKVIp1cl1LwwJgZts34SHUuLXn29WA8ZhQt1yPcm%2FUx0R8DrUygQkjwyq1VFuSp88k4UFMXJCDH3V4st3XtFuX7heZ3zcRXTDyHLV3F0bFsV8LP69z7pbXFx%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=16.000032
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a7bff1c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/ce1685b8c6ee64f0a6a62616900beaca_100x.jpeg | 104.19.235.103 | 200 OK | 5.5 kB |
URL GET HTTP/3 img.staticdj.com/ce1685b8c6ee64f0a6a62616900beaca_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash bab263567cbbc100807a7c743527816d 50583c81a6b091a98ec9f13a4ff992be59427fc1 37065fe7a81138315e3f7d1be66f941b4ee1641d1bb15d919601a157d94c44ca
GET /ce1685b8c6ee64f0a6a62616900beaca_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5518
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ce1685b8c6ee64f0a6a62616900beaca.webp"
expires: Thu, 21 Mar 2024 09:36:37 GMT
request-id: 5761189e-823d-49fb-a0df-acc0a3e67f2a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5761189e-823d-49fb-a0df-acc0a3e67f2a
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 08:36:37 GMT
cf-cache-status: HIT
age: 887737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SLmkzAxWzHGWJgJ7y4LV62rMXzmnuWNuaa%2FVE%2BBjJ2iipoCU8EY7HFc15u5TKWGHqiZD1I8bTvVClx0%2FEryKpPXQrrZJlve1N9GzKKhNPQpDO4tpd9NuM5Iaanq9wCdiokE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a6bf11c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/c07c90db188eb5558686d6e3cba11863_100x.jpeg | 104.19.235.103 | 200 OK | 2.3 kB |
URL GET HTTP/3 img.staticdj.com/c07c90db188eb5558686d6e3cba11863_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 159a287adca47ba28cc23f7007b512de acf6fa74ab7fea8014fb4464c77f254cda490468 269f0e3ee6df922cd2fc38d9c16a64d4c434224ee5fdd10689befdba2c2b2b70
GET /c07c90db188eb5558686d6e3cba11863_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 2280
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="c07c90db188eb5558686d6e3cba11863.webp"
expires: Fri, 08 Mar 2024 06:19:35 GMT
request-id: 8324d96d-0653-4f64-960f-042266a8e765
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 8324d96d-0653-4f64-960f-042266a8e765
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 05:19:35 GMT
cf-cache-status: HIT
age: 2540107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=faQELL%2FUAwgwpuKXjGsupfWeVCkkGOj5rQUi94Kb%2Fq8fDocc7IeyI8W1Hj2S4z%2B5yTGriBjCb5NbTdPEvrTFmMiyMe8iM9bRO%2BCbwgf2CDVV11T7Mfx5RkCFrmgo14jTqsE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=17.999887
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a6bf81c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/a8ef1b6b0b5bb394bf747c2d7581916e_100x.gif | 104.19.235.103 | 200 OK | 9.3 kB |
URL GET HTTP/3 img.staticdj.com/a8ef1b6b0b5bb394bf747c2d7581916e_100x.gif IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash a833a97ba6f247894e9921bac9c2efb9 17e01c550fb24bc7cdba378e9e6e4e247a3bcf5a db278bfed75528096b3e6e5b4601bf69b6dfed032059472b104e91b0cb274a90
GET /a8ef1b6b0b5bb394bf747c2d7581916e_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 9286
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=21271
content-disposition: inline; filename="a8ef1b6b0b5bb394bf747c2d7581916e_100x.webp"
request-id: 93ab2e69-4bff-437c-b58a-c9863c0a0d4a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Mar 2024 00:11:04 GMT
cf-cache-status: HIT
age: 2540107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XWBgLY1KecPmeptqY%2BiMu1D%2BgKFPQ8Zb%2BPYl%2Buir0PqSRTYY7kvgeuWwGrR6csEdSekPf33TxB0f6nU0qRefX%2FUkH3xbHqPAu49M8GSWhJTS7yDKJKBj0Dy5ut0bHiHFOes%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.000105
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a7c081c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/ee9abcbc18be04ca41d287a786c6eb40_100x.jpeg | 104.19.235.103 | 200 OK | 5.8 kB |
URL GET HTTP/3 img.staticdj.com/ee9abcbc18be04ca41d287a786c6eb40_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 1b587e71059ad839e608324aca95ccfb 7ff274bd3c3dfb32eee6ec395602642580adb490 49ed4dce56ab4ee84d1e56a3f916c9130a105f3de70738c3df06c8573e25b382
GET /ee9abcbc18be04ca41d287a786c6eb40_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5776
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="ee9abcbc18be04ca41d287a786c6eb40.webp"
expires: Thu, 21 Mar 2024 10:36:40 GMT
request-id: 5602b8ba-2854-4a43-9169-f127ecb861b4
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 5602b8ba-2854-4a43-9169-f127ecb861b4
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 09:36:40 GMT
cf-cache-status: HIT
age: 887737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZIbPT2InCDgDtP3lrJ155iYDtL%2FfOW5I35TIzTflbjmRg3ByI7IwbQi6q7O8qEMGmroFD7Me0B%2Bnidk4ny8La11nff9M3Cq9LZ9t8c9HjoCB8cGdwBY9A1WkA2u2qQVdagE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=15.000105
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a7c041c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/0d9b5d0e5320655d89515246767e012c_100x.jpeg | 104.19.235.103 | 200 OK | 4.6 kB |
URL GET HTTP/3 img.staticdj.com/0d9b5d0e5320655d89515246767e012c_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash f5ce53c174243ecfea2bb0f9cc50df71 5d76d76dec34219cc2a10892463e4c68a1a1e109 06bc2fe9ffb45512dfa6700b6d67a69088ca46df624912415e894fdbafec925d
GET /0d9b5d0e5320655d89515246767e012c_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 4580
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="0d9b5d0e5320655d89515246767e012c.webp"
expires: Wed, 06 Mar 2024 20:02:08 GMT
request-id: 89d28de3-8ef6-40c3-a2ab-ae320afe6cc5
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 89d28de3-8ef6-40c3-a2ab-ae320afe6cc5
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:08 GMT
cf-cache-status: HIT
age: 1798202
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fU3Qk0Dq3j8rPx3xgqxIi0essSkc3mIijUS9ZuIKpN7L%2B30RO15Aw9iSV%2BhVmlkKSWfMpoUmwF77eXHBQ3053Ya%2Bnzm8ygaRCeNcCSKZYDhcvcZZUgWN6GYYWaDZ4o5I%2FTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=16.000032
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a7c061c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/706b0aab69dd77b0c961cf8dbb30c37e_100x.gif | 104.19.235.103 | 200 OK | 5.5 kB |
URL GET HTTP/3 img.staticdj.com/706b0aab69dd77b0c961cf8dbb30c37e_100x.gif IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash d3ac7e59e47e3e859f675b70f56ef667 fa71cd2b734a7a4748c30b30f995a80c765280f7 b15b7e1e98284d3c2234947b8934d974e0740992c0ec3b2a07bf92c72fa23a0c
GET /706b0aab69dd77b0c961cf8dbb30c37e_100x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 5474
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=9718
content-disposition: inline; filename="706b0aab69dd77b0c961cf8dbb30c37e_100x.webp"
request-id: a83a6198-c30e-47ed-8d18-90fcff605c38
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 10:00:30 GMT
cf-cache-status: HIT
age: 525559
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2T7zUQOk04paT9Gx72ZPG1dNq6VaV3soy4HEiMJebJIo16ky1rCFxLXv8%2Fe3%2FmRutbxQ5q0ZpX5E8IVf52CU1fXEfVLKILEwxpzqAIwCBXs66OvjdmsO4je1cNRwci%2B9lAE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=22.000074
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a6bf71c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/2f931445ef6ce220d149806eec5bfef9_100x.jpeg | 104.19.235.103 | 200 OK | 7.9 kB |
URL GET HTTP/3 img.staticdj.com/2f931445ef6ce220d149806eec5bfef9_100x.jpeg IP 104.19.235.103:443
Requested by https://www.rosequake.com/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 Validity Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 57707a103590555bf483df57b1f76bd5 22270f1fbbe3d8ffd8283813126debd748667d7f 2a29004e5c4c66eb954004a01d14307ebaece558236fa7ae06b361a7456b7cc4
GET /2f931445ef6ce220d149806eec5bfef9_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 7854
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="2f931445ef6ce220d149806eec5bfef9.webp"
expires: Wed, 06 Mar 2024 20:02:08 GMT
request-id: cd7a1d3b-56f1-4c49-9ef7-d67cc2934875
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: cd7a1d3b-56f1-4c49-9ef7-d67cc2934875
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:02:08 GMT
cf-cache-status: HIT
age: 1143700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDUVw3kPu3Z0YZX03rso9XyFun742tXPfStVZF9WVviNckLd5MhuDGCQ5TeTqKgB%2B%2BAToZFwZ5XmvN2Gi37e4WZm9Yw%2BAcBQ7In63wYi8CQj7%2FfvYZFim2YtXvrMyJ968yY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=21.999836
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a7c001c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.shopify.com/videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4 | 23.227.60.200 | 206 Partial Content | 37 MB |
URL GET HTTP/2 cdn.shopify.com/videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4 IP 23.227.60.200:443
Requested by https://www.rosequake.com/ Certificate Issuer Let's Encrypt Subject cdn.shopify.com Fingerprint 34:CE:56:3A:83:8F:D8:06:E6:52:5C:6D:DE:D5:CD:92:EE:F0:79:DF Validity Tue, 05 Mar 2024 12:27:42 GMT - Mon, 03 Jun 2024 12:27:41 GMT
File type ISO Media, MP4 v2 [ISO 14496-14] Size 37 MB (37328679 bytes) Hash 9ab9fd23f134c9b0b520f69bec16627b 15527f9473336348b7c226244a67325ee4953543 a47113700f9487a82fe476f05928cf2ddd6e4600f560f7663d79a712a44c0a3c
GET /videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: video/mp4
content-length: 37328679
access-control-allow-origin: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/videos/c/o/v/8deef709fc1e4f858ae6e3cd945ff6d3.mp4>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 5a3f9918-08eb-4bc1-aa0c-fb9e2fa7337a-1709764376
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Wed, 06 Mar 2024 22:32:57 GMT
cf-cache-status: HIT
age: 525558
content-range: bytes 0-37328678/37328679
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6RHTUVTGq%2BRXEMw41ZuSkBPiPjr8Ew1TzgKSFYShHN3EXFFW8Gi0oBOYhfgWbIv8nWGZ4y1aeaH0llGJ1wU8OJb%2FWrZMWamIzaE8V%2FAHNocoLjAgG7%2FmHHTlZC%2FMVixHvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=469.952, imageryFetch;dur=436.675, cfRequestDuration;dur=15.000105
server: cloudflare
cf-ray: 8797d810cc1f56a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| global.akating.com/static/js/pixel2023.js?v=cac22025232-20240425 | 172.67.165.29 | 200 OK | 7.8 kB |
URL GET HTTP/2 global.akating.com/static/js/pixel2023.js?v=cac22025232-20240425 IP 172.67.165.29:443
Requested by https://www.rosequake.com/ Certificate Issuer Google Trust Services LLC Subject akating.com Fingerprint A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62 Validity Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash 6b4310c26fdbf0c65584a98947bad848 bab77d8461ebf358bdd46dd0e343a58f0ba3e530 773ebdc02861c4fb6499935f65324aba975086c072c1affc9118d49468452b95
GET /static/js/pixel2023.js?v=cac22025232-20240425 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Sat, 10 Feb 2024 17:00:24 GMT
etag: W/"0c468a3425cda1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2I7xN%2BNoF5Q4qr21VXIDJL2XakOBCfMjBE5cT6IFKkgJqj2HRK0mzrM0mQur4gQ3epjgN%2BllXzr67z9e3mL%2BMi%2FithlYGxIGoKL3bSSsaeUGAa3i5AGMYgscIdtnpK8fOHd6vY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8068852b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| global.akating.com/images/e7324f65a97f479eae35dea57525995b.jpg | 172.67.165.29 | 200 OK | 166 kB |
URL GET HTTP/3 global.akating.com/images/e7324f65a97f479eae35dea57525995b.jpg IP 172.67.165.29:443
Requested by https://www.rosequake.com/ Certificate Issuer Google Trust Services LLC Subject akating.com Fingerprint A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62 Validity Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.7 (Windows), datetime=2023:10:29 15:20:47], baseline, precision 8, 1900x600, components 3 Size 166 kB (165578 bytes) Hash 93ed4410afe4d281d98ed1fe5f887098 12bee450a2725f1a0441fc8b4c4b80c4d34f7140 736a26f8c9508e3d094d96999cab2845e0389abd9bce3cfd194cfa50dad3727e
GET /images/e7324f65a97f479eae35dea57525995b.jpg HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:29 GMT
content-type: image/jpeg
content-length: 165578
last-modified: Tue, 28 Nov 2023 21:41:01 GMT
etag: "46d99f944322da1:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FTOt3rPKFl1QbT74%2FFLFyEmaL0W%2FHWkAvfoeoX44bi%2F54lww1aHycNY3ESfyy07IuI%2Fbes5blYlzYRWp1hu8hViQn70stBrMB%2FGOpBdwXYBcKAJC2GXdgiE%2BwXnutYD73KHCxOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d82d6bc3712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 188.114.97.1 | 200 OK | 13 kB |
URL GET HTTP/3 www.rosequake.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js IP 188.114.97.1:443
Requested by https://www.rosequake.com/ Certificate Issuer Google Trust Services LLC Subject rosequake.com Fingerprint 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type JavaScript source, ASCII text, with very long lines (7830), with no line terminators Hash d27e071ee10f558cd883de4ae4d6386b 52d9e10c621571309352e81c75d8fba4c331e56e 7d059fff5b6ac93e2455f1061c8b8cb19172270d7e46af99619d3d276eefad72
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _gcl_au=1.1.68093794.1713980064; _ga_B1QS3P765Z=GS1.1.1713980065.1.0.1713980065.0.0.0; _ga=GA1.1.1956862707.1713980066
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYvNLyPrWE1ABpJy8UNpzAxfUFiwcxvrZzizl75KgCfnCrRwrgzdkOxmCVh%2BtAJ1jc3nl79bCb%2FIJU4pZX8OhldM4Y9KeNsikXbbPKgw5TaamoN9eUT9wKCixyKlFHZbLGHZYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d816cf7e56a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/rose/07b6e3s5debve63c9e9.jpg | 188.114.97.1 | 200 OK | 728 kB |
URL GET HTTP/3 www.rosequake.com/images/rose/07b6e3s5debve63c9e9.jpg IP 188.114.97.1:443
Requested by https://www.rosequake.com/ Certificate Issuer Google Trust Services LLC Subject rosequake.com Fingerprint 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B Validity Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1900x600, components 3 Size 728 kB (728405 bytes) Hash 07b6e375a5deb69b6d1aa3be7e63c9e9 4c7993ef917884ffb1f9ecc77b29f12501e6fdcf bf5f7ca6102bc3c0668bc498a3854136a36d9301bc8a1b7162c386ec04c7f09f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/rose/07b6e3s5debve63c9e9.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064; _ga_B1QS3P765Z=GS1.1.1713980065.1.0.1713980065.0.0.0; _ga=GA1.1.1956862707.1713980066; cf_clearance=ud4b0tQM_RPRYCBzel8WrYCy3OCdM2MqVtBAgN7TT9c-1713980066-1.0.1.1-OnuGn2oEFweWO2770CCul0RU4shkIZV_VsW5NlbBGmUgXc5lUkyUmQhMH8G0U5DrALg0DTz2P71A0OF7GMURzw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:35 GMT
content-type: image/jpeg
content-length: 728405
last-modified: Tue, 10 Oct 2023 19:39:16 GMT
etag: "537b5874b1fbd91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2112
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PnURdaOjVCQF2ZtOLtLdQBsoRoyzEJCjU%2BZZ3NJRqG59duj56RxNYZj%2Fdx%2B5RqZsimRmonpNoy%2BlicFvjDwlH9%2BX4PmKxbQ64WbOlep0t425aaXTLGI8KaBEMm0%2BtclAfHHfuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d850cb3356a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/images/rose/07b6e3s5debve63c0.jpg | 188.114.97.1 | 200 OK | 222 kB |
URL: GET HTTP/3 www.rosequake.com/images/rose/07b6e3s5debve63c0.jpg
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2023:10:11 03:50:16], progressive, precision 8, 1900x600, components 3
Size: 222 kB (222417 bytes)
Hash: fdc2b3b7d952a2bc8e01d3986045ca81 36836d21cf2e5a58df6a99cbc48e2d076914a47c 2a921ee0e9fb9e05f8d29612835cfc1aa4f28dc7f96c15ce9799d4ac84fff7b8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/rose/07b6e3s5debve63c0.jpg HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064; _ga_B1QS3P765Z=GS1.1.1713980065.1.0.1713980065.0.0.0; _ga=GA1.1.1956862707.1713980066; cf_clearance=ud4b0tQM_RPRYCBzel8WrYCy3OCdM2MqVtBAgN7TT9c-1713980066-1.0.1.1-OnuGn2oEFweWO2770CCul0RU4shkIZV_VsW5NlbBGmUgXc5lUkyUmQhMH8G0U5DrALg0DTz2P71A0OF7GMURzw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:35 GMT
content-type: image/jpeg
content-length: 222417
last-modified: Tue, 10 Oct 2023 19:50:17 GMT
etag: "27495bfeb2fbd91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 2108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6v2i8DjRD2DwY8B5TJ0fVZ4yCG2821d%2B9ReWUgOEcopebIYAC1GEjpLRV8sFNKvT%2BxifsFzyd7DpZzqgtcuPC8vtfPA7dhRkDFPFDnajEaQS7zag%2FByVEMV2MeBzUmVZjMvxFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d850eb7756a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| we.chatsoftly.com/agents/images/cbdshop/agent_offline.png | 104.21.92.129 | 200 OK | 4.5 kB |
URL: GET HTTP/3 we.chatsoftly.com/agents/images/cbdshop/agent_offline.png
IP: 104.21.92.129:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Let's Encrypt
Certificate Subject: chatsoftly.com
Certificate Fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5
Certificate Validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
File type: PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash: f31b27f2dd78d85a52e0588a7e7698ec a601d2b2098b159d3ebe1508ff87b76131a691d6 585a9c155c15c0ba3be761b5ea54fa8fa897e888ad1d415edacf1792d7ee2c54
GET /agents/images/cbdshop/agent_offline.png HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:36 GMT
content-type: image/png
content-length: 4458
last-modified: Wed, 14 Apr 2021 15:07:35 GMT
etag: "54f5cbe63f31d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5939
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlQX4v0%2Fk0z56F6ow8TJJtwuX4v2hjdblNJ%2B3U%2FkE%2Bp039nENFT7KyIfMhFlk3N%2B%2FnSpWB%2BgWwiU4mnYBpcJmt5%2FBVcTi%2B9hg2gCZmxBL0Hhw3JPiOREYaxkFJjsMo4KHWvcuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d853aa3556b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US | 54.230.111.21 | | 82 B |
URL: services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US
IP: 54.230.111.21:0
Hash: 4f822d39c269d2c47e3174b6c6bad3b7 d56bd07959c766e9c18faa9cf1070548f9236b65 cda00e555c758b1c13b6cbd17049ca8471057d16c60f08f551dbc331308eecf3
GET /api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US HTTP/1.1
Host: services.addons.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 82
server: openresty
date: Wed, 24 Apr 2024 17:24:45 GMT
allow: GET, HEAD, OPTIONS
x-amo-request-id: e8ad2e1bf615471fb02f38604d954703
content-security-policy: img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/; connect-src 'self' https://*.google-analytics.com; default-src 'none'; frame-src https://www.recaptcha.net/recaptcha/; font-src 'self' https://addons.mozilla.org/static-server/; style-src 'unsafe-inline' https://addons.mozilla.org/static-server/; child-src https://www.recaptcha.net/recaptcha/; script-src https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/; media-src https://videos.cdn.mozilla.net; object-src 'none'; form-action 'self'; report-uri /__cspreport__
x-frame-options: DENY
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
cache-control: max-age=3600
public-key-pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
via: 1.1 google, 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
etag: "4f822d39c269d2c47e3174b6c6bad3b7"
vary: origin,X-Country-Code,Accept-Language
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NVcCfeEl8kWqsby5ZBoOBVDHMJG7Fq7fT0v-eCvzVWj-0IFCN9bcLA==
age: 604
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 42 B |
URL: aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP: 35.244.181.201:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text
Hash: f8f24fa0c857d8f2ee493e131b85ab62 cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6 e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f
GET /update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:34:49 GMT
content-type: text/xml; charset=utf-8
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/css/country-flag.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 29 kB |
URL: GET HTTP/3 www.rosequake.com/css/country-flag.css?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/country-flag.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Fri, 04 Aug 2023 21:08:05 GMT
etag: W/"80e8c4c217c7d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=noOGsm0Ql1vBznT1YCdcezryUSPo12WtwiYmn1lnNjdJu99uGJzYbtPe%2Frmp9nMX1FvpdZP6jVgd%2BUvfKlLcnfscXQY4YIwDHaGYUxadsjB1Va3%2F8UGbE%2Bm7k4XGbMxRj6PNQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d805ab8556a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac22025232-20240425 | 172.67.165.29 | 200 OK | 48 kB |
URL: GET HTTP/2 global.akating.com/files/js/chosen_v1.8.7/chosen.jquery.js?v=cac22025232-20240425
IP: 172.67.165.29:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: akating.com
Certificate Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
Certificate Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: JavaScript source, ASCII text, with very long lines (326), with CRLF, LF line terminators
Hash: 89081048f3bf7c9d5985d79e4976f359 50bb8dde91c4f95c98716d7d702617dbea18bbc7 811ec63ebf47f8ccdafdc6c39280dff6c51b980b2a94547a8b78a3e6cc0b853f
GET /files/js/chosen_v1.8.7/chosen.jquery.js?v=cac22025232-20240425 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Sat, 20 Jul 2019 16:38:39 GMT
etag: W/"80115e95193fd51:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aoeXPu5cThzIFkVYSXZ0WxUEgJfuvuTPfaVI5O%2BPtwkV8dqUpoef%2BoEi9cY5KV17Cvme2uCM1YjQD4meGj5%2B%2BYiMJdFUXAXfvS%2Bd9deXi%2BzoS3kGgM50dZL4ZNgcpR7EA0QBdeQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8075947b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/assets/sass/index.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 7.5 kB |
URL: GET HTTP/3 www.rosequake.com/static/assets/sass/index.css?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (7486), with no line terminators
Hash: 3bbb8940622d7dd97a3260f901c63cb0 013008f7cea48d4a3210ebd75e3dbb84723dc6b3 07539259863772d787aaccb3ce853d5121d49398c36ebe0c1c4d57f544db04b8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/assets/sass/index.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Sat, 14 Oct 2023 18:20:10 GMT
etag: W/"029ee10cbfed91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHJg07CUyxmKWxaC6NueUXeBtBbHpQ8%2FxHss5X3aWVWl7WTvbtpqEkKt7FBc75rYCMwJgJhlIvmTd1VwxxELyQ%2FYnGUO65rH8umHDbGxXQqJoUZRxfBxDRDiczTxFhyoRbKZRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8057b2a56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/js/shop-section.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 6.2 kB |
URL: GET HTTP/3 www.rosequake.com/js/shop-section.js?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (6664), with no line terminators
Hash: 30646f583611251216ba6744265c3b53 3ebf48e6c5d758c2848df18970f2a914cb01f624 7ed4c532b51119ff2c8dc8ffdd31036a1d300070bf16c9abca3816ba5a56157c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/shop-section.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Sun, 17 Dec 2023 19:47:57 GMT
etag: W/"8094beee2131da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FrWT5%2B5cBcQrs1Q0lE4j1w1Q9tkWRMyORbdrFXJfLmK7lhNf0dSL4R0ynVKlUv2jU46zBhzfiRwEuSk5r4RC6WXdxmTpRyuMpPcltZ3i3lIZn7wdcD167NlJylqw%2Byl117NKoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8060c1b56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.fantaskycdn.com/75e2af75b44da5f6cd9c193aecb5a548_600x.jpg | 104.18.21.211 | 200 OK | 43 kB |
URL: GET HTTP/2 img.fantaskycdn.com/75e2af75b44da5f6cd9c193aecb5a548_600x.jpg
IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fantaskycdn.com
Certificate Fingerprint: 28:2C:B4:60:08:32:85:B2:44:72:D4:B2:9F:55:62:DD:46:3C:5B:0F
Certificate Validity: Mon, 26 Feb 2024 11:44:05 GMT - Sun, 26 May 2024 11:44:04 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 1d002d2cceb28edf9f4f802f7e448a21 ce2ef5c9c01a667fac09936fec61a6fe3b81cf0b 549619640a9ba26ec114ededd8af8772d1b554b7d584c3ea15bdd809861d75b9
GET /75e2af75b44da5f6cd9c193aecb5a548_600x.jpg HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 43186
cache-control: public, max-age=31557600
content-disposition: inline; filename="75e2af75b44da5f6cd9c193aecb5a548.webp"
expires: Thu, 24 Apr 2025 23:34:26 GMT
request-id: 103ec4cd-2ec2-4f15-a3ed-a542425bd3a2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 103ec4cd-2ec2-4f15-a3ed-a542425bd3a2
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:34:41 GMT
cf-cache-status: HIT
age: 525552
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d818b9867131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2 | 216.58.207.227 | 200 OK | 8.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
IP: 216.58.207.227:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8596, version 1.0
Hash: 858549c2cb50c37c733cfa191fdb07ea 50900cbabf4ae9e1e174162f091404e343585c65 4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
GET /s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 20:43:57 GMT
expires: Tue, 22 Apr 2025 20:43:57 GMT
cache-control: public, max-age=31536000
age: 161428
last-modified: Fri, 22 Mar 2024 00:00:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/js/layer.mobile/need/layer.css?2.0 | 188.114.97.1 | 200 OK | 5.3 kB |
URL: GET HTTP/3 www.rosequake.com/js/layer.mobile/need/layer.css?2.0
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (5260), with no line terminators
Hash: 633915e62d14a714594b95b974ee0836 e11ebb64a70272c4f35b92fea064f27c4b87efad eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/layer.mobile/need/layer.css?2.0 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:24 GMT
content-type: text/css
last-modified: Fri, 26 Aug 2016 09:35:36 GMT
etag: W/"024e0327dffd11:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EK%2FF5P6ZCvKxqgV4phIrPenkHdRPkV7GK6UIzhuQdwfc5KMbYwG%2Bk3cVIdkZzPCoYufhkjXwE4HAsnokx%2F2JqjpFzVFH0knrfGD9cWiKPS7XAzg%2FnqBc28oRroBgMhZx2yTjwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d80d5bce56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/js/layer.mobile/layer.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 3.3 kB |
URL: GET HTTP/3 www.rosequake.com/js/layer.mobile/layer.js?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (3402), with no line terminators
Hash: e478b122e8abdf168128444b1ed90258 303da5ec2c81191f06cddce2217684781cc0738b 8954e9b18e9e49b9384409b17b5e3f5912c320d78eee9ecf850e04d964f35eb1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/layer.mobile/layer.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Fri, 19 Mar 2021 17:46:56 GMT
etag: W/"0a886dae71cd71:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sgfzAq7lMv%2BwHD4h%2BIxOhd5ai%2BUzXZAfkSDuOT7HyDiCpqu8aTotf%2F%2Fl2A5Ns3JPi%2BDohYyWnhHw34%2BTQ9tKpgtRV9LZnYORSBiLx%2FQ8M7JRioagmgIT%2BvPCs2PB5bZB0ROjPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d805cbbb56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/css/shop-section.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 20 kB |
URL: GET HTTP/3 www.rosequake.com/css/shop-section.css?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/shop-section.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Thu, 28 Dec 2023 19:18:46 GMT
etag: W/"06f9cadc239da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xr7s3EgQUisjG6OTyTyKy2woPLRpLJ9pS3NZ8kkPRPvV1ePAsSvew8F6oOcDeyXLJicniguXYSbdWl%2FnOIJY0XBHjHBW5a8zdzb%2FLL9%2BlsqC6m7PHza0lIEIeBB%2FwYSCiuVgZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d805cbcf56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/base.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 84 kB |
URL: GET HTTP/3 www.rosequake.com/static/base.js?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/base.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Sat, 06 Apr 2024 09:48:33 GMT
etag: W/"80ee6196788da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B0hFlVO4t%2BF697rGgXs%2BMjYFzsVh1XcYIjO0XE9fXI4SskG5RCDUbSUVfUEUh%2FQu1FIPhLq36EGjcF26Pb%2FAmohlB6r3TQFUwtJB5ydozxiochkqKINMWEdi2WlsJeBlNOLWEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d805cbb756a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/static/images/country/GB.png | 172.67.165.29 | 200 OK | 1.7 kB |
URL: GET HTTP/3 global.akating.com/static/images/country/GB.png
IP: 172.67.165.29:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: akating.com
Certificate Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
Certificate Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: PNG image data, 120 x 80, 8-bit/color RGBA, non-interlaced
Hash: 7395045bdbb57b20e5aa639f1ab3c0f7 4b26239d94e6e14a41bc7cec5d7f2064ecbb3e47 78516cab66e3a8dfa9b964b4c397fecd1ccd9d6b7322380d1bc39760c0f43e1a
GET /static/images/country/GB.png HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/png
content-length: 1674
last-modified: Sat, 16 May 2020 04:28:12 GMT
etag: "9e97ce683a2bd61:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LL4aWoKFnNjjJji1dTqgp%2Fs7MAHCjrjLcgZ4QwNDRBRRQkYGab%2B3PrGrAi9hG68DhO8E%2FhfQsAkXrzInJNxXCQNhO%2B9pJSIQKhlqgt1LvOCCzpA%2F%2FdLQmGp9dddVHDpGcujDim8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d81a2bcd712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/bootstrap/popper.min.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 19 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/bootstrap/popper.min.js?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (18706), with CRLF line terminators
Hash: 777f8a32fe7ad62a6c5f1e649bc3616e 41feeaacdff5f9714848b7bbe55739185462f2ab 7a409fd037337862ad8373afd1e77781984d6961c90c00d901ae04664768b01b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/bootstrap/popper.min.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:44 GMT
etag: W/"0b2bf316db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLFk1pEbhnMeR4yUo%2F7xU%2F9EreFKMk0p6Tt%2Bz6Kau7j2BKpNJhj10DmiLtYWQCOkwHQs9SAahks8rEJSF1p451bSJJGKSdcItioqpaLvC3DF58gUkN%2B%2B3tqfbRVv8vSvJDgu6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8058b6356a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/Images/country_list_bg.png?v=d | 172.67.165.29 | 200 OK | 73 kB |
URL: GET HTTP/3 global.akating.com/Images/country_list_bg.png?v=d | IP: 172.67.165.29:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: akating.com | Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62 | Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
File type: PNG image data, 20 x 5477, 8-bit/color RGBA, non-interlaced | Hash: 6c82c39a53d564744f41787731157fe9 c1ed91eb19f49725887d7b8b5d72607500744b5a 0584c02871ac6487ab8a93f4d6a5c1d1b8100061d7485cae1de3e7dcab8ad347
GET /Images/country_list_bg.png?v=d HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://global.akating.com/files/css/countryFlag_s.css?v=cac22025232-20240425
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: image/png
content-length: 72595
last-modified: Sun, 03 Jul 2022 14:09:02 GMT
etag: "0d36072e68ed81:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a57XjthQ0naXmw8j3cTm8TzH11ywlvr6kgM9jHwdBfXEZwg7RCW%2FWqyBEX%2FVOW0mc%2FooPFBX9qCbNo%2B8qBovllH%2BZYeHNvopH6uHU1u95Z3dKwoauAV%2FE5WHdvbipmV9ZU93fhg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d80e3d44712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/3245df1dd364f2b1284301de13e1f57a_600x.gif | 104.19.235.103 | 200 OK | 32 kB |
URL: GET HTTP/2 img.staticdj.com/3245df1dd364f2b1284301de13e1f57a_600x.gif | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: a6409efe2766bf6ca61a9fbb47b13d19 539281a4af53e949e0758c08acde561cd9b733fc 1ea89e37fd0728b37764328658726f9d3c9e2d81d8d9e4ab4895a77a93ee413f
GET /3245df1dd364f2b1284301de13e1f57a_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 31462
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=92940
content-disposition: inline; filename="3245df1dd364f2b1284301de13e1f57a_600x.webp"
request-id: 3731b15a-11e2-42fc-959d-5e73e776e91f
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Apr 2024 00:37:28 GMT
cf-cache-status: HIT
age: 525556
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCBZN4h%2F%2B0Clu3HQolhtUk3%2B1rjJnblu%2BwmanHUQurTmR1hSJzU1y5kKlBk4inro2V7TYqv9L9I%2Bzr1iC8aJem030yCBHDvl5rj8H1Ycq3BjAjNxtYDyv%2F60G4Tm47pCRaQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=30.999899
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076ae4569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/images/loading.gif | 188.114.97.1 | 200 OK | 781 B |
URL: GET HTTP/3 www.rosequake.com/images/loading.gif | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: GIF image data, version 89a, 16 x 16 | Hash: 21ab0717cf57aea00e222e6570678b35 d76c0624c7598ffa603475a1ece2ba4e18355879 82d0c69a839a750eeb6bd5d94b7a94ab87b006924e97479ce8c55dc13b39ee11
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/loading.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240425
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: image/gif
content-length: 781
last-modified: Wed, 13 May 2015 02:03:29 GMT
etag: "c16ee41218dd01:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 3808
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HdR0QCg7dp7r7vLZOmrEXHlshYp2in%2BWQ88Tmcv9TOksHuIzu%2BjfvC01bN83HuA%2B%2BxalrCgbANX5Jh73wDMwnO0SgHqISGTmZAyamHbw2oG3Py65MZAcyGYEyYtK7F%2BHze2ZqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d80e4d0556a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/070d153349c79c7deb2c73960de15682_600x.jpeg | 104.19.235.103 | 200 OK | 21 kB |
URL: GET HTTP/2 img.staticdj.com/070d153349c79c7deb2c73960de15682_600x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 5c691090b454f1b36126b4d03ea1bf34 d47cf6b47047b65f231e4f9fa28dd95b0f693d0e 593bcf24ea1da41a5482b63134228ac274d503963897129fa24f268a460eed20
GET /070d153349c79c7deb2c73960de15682_600x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 20786
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="070d153349c79c7deb2c73960de15682.webp"
expires: Wed, 06 Mar 2024 20:01:56 GMT
request-id: c6fc1e99-4d63-44b5-9e8f-f22db30bda9d
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: c6fc1e99-4d63-44b5-9e8f-f22db30bda9d
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 19:01:56 GMT
cf-cache-status: HIT
age: 550722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4RToXFjfdqwXjNv1Da8BjiVZ%2Bg3aYwO9B0uE%2FQXCLnrmpO6YrxsKwY8arDWNQkY5LmurwgWQs6jIyzvwabRXSz9%2FulILPGpinEKOy%2Bfj4EPyKBVV3blidDyNoWxEXDrJSk4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=24.999857
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076ae1569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/lib/slick-carouse/slick.min.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 44 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/slick-carouse/slick.min.js?v=cac22025232-20240425 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (32026), with CRLF line terminators | Hash: 04f7e97a54f61407f230196b17a3b5c8 e3d1d3bdc40c2e3788e2b83b1cf70084e330eaa3 254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/lib/slick-carouse/slick.min.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:42 GMT
etag: W/"0858e306db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rm58LwT8YuypNt1PfzH1xk%2FeU5daNormj4iv8HXZ7zgGBZA2aZIWqi%2FCxBK6z2oYNlHCIE8Wpuk9tJ0oYMYFB215p6T1rcaBqI58Ew1X4vIJ26Asf%2Fw0GJJo5PEiMEy09Ft4qA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8059b6556a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/Apis/Reviews.aspx?pageSize=8&pageIndex=1 | 188.114.97.1 | 200 OK | 12 kB |
URL: GET HTTP/3 www.rosequake.com/Apis/Reviews.aspx?pageSize=8&pageIndex=1 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Hash: b78649165192b13a47ed346f880ec210 54341ed793694d7f0710344d91bee65e18c8118c 7aff79a2c12432917c9853e4480e1fc2dfa328e1b24a24ed6f1d9350569d67f3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Apis/Reviews.aspx?pageSize=8&pageIndex=1 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064; _ga_B1QS3P765Z=GS1.1.1713980065.1.0.1713980065.0.0.0; _ga=GA1.1.1956862707.1713980066
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: application/json; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yw60WydKZ0Or%2BUT5Vihlum6eH%2BUqLcyN10efLhDItADNiHG0NWsTPZQaslQRAd%2FIuqenXxBe%2BftTO24dwZS7j%2FjkbK7%2BcIYxoo07B0xg7lMuMVPKY9VJEw%2FEuHW9rv2HO5Rm%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d817381756a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/8307b2cbbae637fbb0ec9875f97cd77a_100x.jpeg | 104.19.235.103 | 200 OK | 4.6 kB |
URL: GET HTTP/3 img.staticdj.com/8307b2cbbae637fbb0ec9875f97cd77a_100x.jpeg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: c1ad399fbe0d6deefaf527512761101d 17ef3e81913b00955285125c15703712a59f5f5f fce729ffd412787adabd423740ebeeb7ed97bcc5139a84b3c8c569e296bd8748
GET /8307b2cbbae637fbb0ec9875f97cd77a_100x.jpeg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 4614
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="8307b2cbbae637fbb0ec9875f97cd77a.webp"
expires: Wed, 06 Mar 2024 23:34:20 GMT
request-id: 651c5c8f-fab6-4b6f-9af9-ca535576ed27
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: 651c5c8f-fab6-4b6f-9af9-ca535576ed27
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:34:20 GMT
cf-cache-status: HIT
age: 1143700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2nytzy1BVAef7bibodm1pkmxpoaGeVnCx4CrGjkWJeoctfXfCTRmL57ym37NJKIhbuEOpzp3vPvoQXIoWbUwQ9woEwO2Ry7Q4Ly8R6CYqVm7iS2nC76LYj2XKytDRKNMsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.000011
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d81a2b981c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/c9253861e40edd923d3ac7749c815e14_600x.gif | 104.19.235.103 | 200 OK | 20 kB |
URL: GET HTTP/2 img.staticdj.com/c9253861e40edd923d3ac7749c815e14_600x.gif | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 5ceb632798d21262b562c46b8731325b 15c2e19115d1d84d98ebd93faae96ec5ab66bc2f f7c6f035c0a34447033bf25c1a0b75b8634a12b329da11e045ec3217b05581c8
GET /c9253861e40edd923d3ac7749c815e14_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 19630
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=57609
content-disposition: inline; filename="c9253861e40edd923d3ac7749c815e14_600x.webp"
request-id: 741bbce0-5b35-43c7-8ebf-d926da1639d6
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Mar 2024 05:14:12 GMT
cf-cache-status: HIT
age: 1143697
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=566W3o2JGJE%2Fau6zDuElf3UcdZ57OZl6M%2B4dM30xHeckWqx7vFMEt5jT8M%2BMrcDcfOA0HzCqHCNAWjV6w30QkcHMpgNgw0Ua43dsnS2Gw4Bsay8h%2BwtNsJwPE9SocPlKYDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076ae2569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_600x.gif | 104.19.235.103 | 200 OK | 152 kB |
URL: GET HTTP/2 img.staticdj.com/de4fef1b05b5f0293d6da27bf9e0b08d_600x.gif | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Size: 152 kB (151866 bytes) | Hash: 2777d2f066ac9a81e5ab09d9b2be6561 0c19384068669134195e35dd8858e2a13e28a0ca f21bc908138664cd6014fc302599665a19309c92f3dd85c43be7889a078e9a92
GET /de4fef1b05b5f0293d6da27bf9e0b08d_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 151866
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=443294
content-disposition: inline; filename="de4fef1b05b5f0293d6da27bf9e0b08d_600x.webp"
request-id: 6d404eb4-a304-40c2-9415-feeb99bc8540
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 19:32:12 GMT
cf-cache-status: HIT
age: 2278548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8H6%2BGuseTa23wSI4pW%2BaqBbDsCJkzL262gqsfpsFiL9xnmxuNwBtB1SBiZUbPH1nH6xtp%2BIuAjhjZx5fQECPylxlCSdpvI0EPfEkYhrgZ1%2BH9YPNuEm1OQSwQNPd%2BYYSo4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=22.000074
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076aea569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2 | 216.58.207.227 | 200 OK | 8.5 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2 | IP: 216.58.207.227:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 | Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8504, version 1.0 | Hash: 88042d51a299f20ab0ddf917838fe403 a99a6d584385f86f84e893330f6ae158372b5d63 1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b
GET /s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 07:15:31 GMT
expires: Wed, 23 Apr 2025 07:15:31 GMT
cache-control: public, max-age=31536000
age: 123534
last-modified: Fri, 22 Mar 2024 00:00:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| we.chatsoftly.com/agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1 | 104.21.92.129 | 200 OK | 37 B |
URL: GET HTTP/3 we.chatsoftly.com/agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1 | IP: 104.21.92.129:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Let's Encrypt | Subject: chatsoftly.com | Fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5 | Validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
File type: ASCII text, with no line terminators | Hash: 7672beac85cebbe185cf4731eff557a6 18d088bf4ac76689a6c766cbb33f4a76d2863c93 b459a79f09145d4fdc335e4028a544d6a9c49ce7c4056775ee94bf29b697d60b
GET /agents/free.aspx?im_web_plugin_id=9&session_key=&callback=udesk_jsonp1 HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:36 GMT
content-type: text/javascript; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=ugjzrlm015gp110lio4zkwwx; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pUXkAlwTXbAo%2FHm562dGh4qXTg1S8V9Lxo%2FZFFmdkxWb0eMQctKpkNPdbeD6VVAjXeZ62b4spDL3QP4RwNpQLRZv%2FmcdagYCvqdiToey9bq5wgOE%2BYUQpsEHW0%2BvWMEHnvO3DA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d853ba4b56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap | 142.250.74.106 | 200 OK | 14 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap | IP: 142.250.74.106:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 | Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash: dce36a48bcf330832152e582d29373b8 cd44276b28cf6be734f61e45644ed6ea0ad08e6e 3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 17:34:24 GMT
date: Wed, 24 Apr 2024 17:34:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/extra.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 650 B |
URL: GET HTTP/3 www.rosequake.com/static/extra.css?v=cac22025232-20240425 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (650), with no line terminators | Hash: c99be612fbce82182d83923efc718b6a 6ad887b258ec267c4bb6ce6e73b496cd825b37a6 437a0cfa54d982b2fe6090623a98b8084d4591565cf0104767e7ca42f35f3628
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /static/extra.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Sat, 29 Jul 2023 10:11:15 GMT
etag: W/"e2944125c2d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4r%2F6OQ2lONzMlU2nhODYTr%2Fn4Rcot05am1EhZ7gK4MX3ao%2BMx93WVzR7Um8A4O8RBN7RmyDtc0lhJoOnAPBRiWUuYsHWKObS%2F5Yz50CGg2PaSkapBz5TTgjrGDeq5kPOXBINw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d805cbcc56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.staticdj.com/632746d706da83e4fdc5052971513462_600x.jpg | 104.19.235.103 | 200 OK | 58 kB |
URL: GET HTTP/2 img.staticdj.com/632746d706da83e4fdc5052971513462_600x.jpg | IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08 | Validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: c90e5d16403043deb84d1b8b24689b4c 76d24ed464c7437b70cb4aa415ea5a3e0024273b 3f1cf1e27f4478a0f2af432d725f4a6413d17fff2dce1a12e6a11010c91a914f
GET /632746d706da83e4fdc5052971513462_600x.jpg HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 58254
cache-control: public, max-age=31557600, max-age=3600, public
content-disposition: inline; filename="632746d706da83e4fdc5052971513462.webp"
expires: Wed, 06 Mar 2024 23:44:02 GMT
request-id: ba400a9e-cdfb-4468-a707-8b6a473cfab2
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-request-id: ba400a9e-cdfb-4468-a707-8b6a473cfab2
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Mar 2024 22:44:02 GMT
cf-cache-status: HIT
age: 550722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0FfbopZAQzsl6OoY12j8TWVezgg6r%2FwV3EBQ7RBQIy%2FOQWzjtKHjh0KdbtBbFgazKmHOuvAc0PeXgQxUdiRHvqw9lj2qpgibv9TqXzhiBqUhorPh5djLw4CfgWZmOkZgycc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=31.000137
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076aeb569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| we.chatsoftly.com/im_client/js/udeskApi.js | 104.21.92.129 | 200 OK | 122 kB |
URL: GET HTTP/3 we.chatsoftly.com/im_client/js/udeskApi.js | IP: 104.21.92.129:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Let's Encrypt | Subject: chatsoftly.com | Fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5 | Validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
Size: 122 kB (122466 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /im_client/js/udeskApi.js HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:35 GMT
content-type: application/javascript
last-modified: Fri, 13 May 2022 16:02:26 GMT
etag: W/"095cfd6e266d81:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIoB3yDIJtQDp%2FOZL3P7deGlFHOy5ftJKPsHRsFPiuyvYU4GvMXz6Jyfjsp8CFrUJUbv2Rc1DpFAbwZyHUKZ5fzlHzA1TykMDPvTI%2BvwoMP9Fl8jgYrIbn1SSeGR5LD3u6cvkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d850eeca56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 www.rosequake.com/js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac22025232-20240425 | IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/ | Certificate Issuer: Google Trust Services LLC | Subject: rosequake.com | Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B | Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (37264) | Hash: b74c18de0056ed87c5e712eb21074f98 fc1fa797cac8bb89a1416aa2662b2cd74d851d60 4502cf3c096b98c6ed963242ce158fce517d3afd00982d2a8daddce91f30375a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/jquery-ui-1.13.1.custom/jquery-ui.min.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:24 GMT
content-type: application/javascript
last-modified: Tue, 05 Apr 2022 21:33:12 GMT
etag: W/"05c40c03449d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYMHEyRAS8RKvlZmOYmtu9dRkKqce3UPXaz6tW3irJ3QOMAqBMreCICh0aABN6AJ0brqdwB1msR2Nt3Hq5yufVPLa4TOygBIYcUbGH%2FXVDcmvJOyQgtZF%2B9vUwdMaZXde7digA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d80cab1956a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/js/video-js.min.css | 188.114.97.1 | 200 OK | 46 kB |
URL: GET HTTP/3 www.rosequake.com/js/video-js.min.css
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: rosequake.com
Certificate fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (45950), with no line terminators
Hash: fbc92259a04709e2f8a10960e574e5fc c03562e5c2c407426076f7f844f0c634631ea0f0 48876176ecb5cf6cdb8e7d91c8d63b89f6bc3fa8fb4b67a595c0a59940a433a6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/video-js.min.css HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Thu, 26 Oct 2023 05:20:16 GMT
etag: W/"0687d1acc7da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGeBnDp%2BOT7QvQSviZ0Xep9jBBiupi%2B3tbtLTlERcvlOcn63a1a3sZ9n6htwF1f5NC0QtJ4SWnF%2BTus%2B%2FaQbwgHmxRmKpdowH2gmv79L4jzimowC2H0X2jDwSv3I%2F%2BIA6uX%2B0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8060c1c56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/image/loading-0.gif | 188.114.97.1 | 200 OK | 5.8 kB |
URL: GET HTTP/3 www.rosequake.com/static/image/loading-0.gif
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: rosequake.com
Certificate fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: GIF image data, version 89a, 60 x 24
Hash: a72011ccdc2bcd23ba440f104c416193 ba81388bbac5bc223f94489b97a95a13f3c78e47 07236f6814a40623bab43f2043860c97678bc7deedbf06feff92f0d6e6673bf5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/image/loading-0.gif HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/static/CBDStyle.css?v=cac22025232-20240425
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: image/gif
content-length: 5793
last-modified: Tue, 05 Dec 2017 03:57:25 GMT
etag: "5ac952297d6dd31:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7pHFwAYcbv17UpWExwuavQGyvI0aSN2krRcJpdc%2FclBlb67AK4SEf22TcaAUoop5pYVZC%2BbSGXANJhYYcOC5sMmWbghnFyxtR2GDp%2BVHSWvaCuO%2Bn00iZjkPTXsgI6wW4l%2FgBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d8108f2b56a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/bootstrap/bootstrap.min.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 164 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/bootstrap/bootstrap.min.css?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: rosequake.com
Certificate fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Size: 164 kB (163880 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/lib/bootstrap/bootstrap.min.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:20 GMT
etag: W/"09671236db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQPKNOhtSNS9QpOqIDw95dYIafOKusTjJFM9Syw40LdHRf6g9Lz0k5svh8pjO0bDdXByMryB01EsXk7FdqAeVu80v1IaO7NJWV%2Bv0A1yydoUcEYU%2By2UuYPIx%2BgEUYIeuuYehw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8056b1c56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/Ajax/GetMinCart.aspx?type=&r=0.4219457949539448 | 188.114.97.1 | 200 OK | 56 B |
URL: POST HTTP/3 www.rosequake.com/Ajax/GetMinCart.aspx?type=&r=0.4219457949539448
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: rosequake.com
Certificate fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 67281efb80814ce084ebfc6a4a15fd9c b5a64ea8a096b95a697bcc3d18b2cfb408564452 d928ba697d2f378263311848ceed5c3ed7f97b8090f8a23af46914560dc7a955
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /Ajax/GetMinCart.aspx?type=&r=0.4219457949539448 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 11
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064; _ga_B1QS3P765Z=GS1.1.1713980065.1.0.1713980065.0.0.0; _ga=GA1.1.1956862707.1713980066
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: application/json; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbHJidfEPmkTWomuDdZGIEAjH0wMwhrRLOHmvhIo1vXvjML4sUBu7euFKV1JudnQHiXOX6kvdNoxFFUsHFG91TSIL3zz0iVUutaoDRcK9451N92krScM%2BeG6hZibsrFy3Pv%2BTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d813cbf356a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 8.0 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP: 216.58.207.227:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Hash: 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.rosequake.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 Apr 2024 22:05:29 GMT
expires: Sun, 20 Apr 2025 22:05:29 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 329336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/72767f2271b74ee198e09a21d56e3541_600x.gif | 104.19.235.103 | 200 OK | 19 kB |
URL: GET HTTP/2 img.staticdj.com/72767f2271b74ee198e09a21d56e3541_600x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: b27276b892f3c67098c0947293ed666a 435595e3bbfb2e6198331d3ca8eccdb01be2b937 ff19b713d662bd5a49453dd486265f365d5a32d8c50b1c210ce313727940b8d8
GET /72767f2271b74ee198e09a21d56e3541_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 19084
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=63049
content-disposition: inline; filename="72767f2271b74ee198e09a21d56e3541_600x.webp"
request-id: e3676804-8c34-4fdc-9850-38a06ed24b0a
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Mar 2024 20:44:31 GMT
cf-cache-status: HIT
age: 3398661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XElnhWEkTi3AoAlEk62mY2u0iFN%2Fx5vVqyQzyjbbjVl0mweIlT%2FYbWC9MaGEv3dBtq4cOpHsXmtt1Jkg7lGAe8VxLqQlPYUapquwWShwcUbvdPs7UCrvdSbEB7tdEgOMXrM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.999929
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076ae3569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg | 0.0.0.0 | | 0 B |
URL: GET nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg
IP: 0.0.0.0:0
Requested by: https://www.rosequake.com/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg HTTP/1.1
Host: nicesis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| img.staticdj.com/4aa192c5ff5f15ea00730eeeb2f98e56_600x.gif | 104.19.235.103 | 200 OK | 36 kB |
URL: GET HTTP/2 img.staticdj.com/4aa192c5ff5f15ea00730eeeb2f98e56_600x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: ddf34d8a6ae904b02838324a148d581c b33cde025e395b28ee2b51968e95fb4a86edd716 440b6848b4f9cdc605eebc75fbbb67e4434fc0d88afea3895ec812e8a4f7b585
GET /4aa192c5ff5f15ea00730eeeb2f98e56_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 36548
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=158108
content-disposition: inline; filename="4aa192c5ff5f15ea00730eeeb2f98e56_600x.webp"
request-id: 9081220b-317a-4b98-996d-ff5695cf5f41
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Apr 2024 22:52:20 GMT
cf-cache-status: HIT
age: 525556
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KKQakj2z%2FWS6niqrElC%2FeCFhbvmmlvPLma1LvPkXYROgAmuA99oEN%2FYmYTTNiF2CmX%2F9JlSLRyP1VF0y74CJlEj%2B3rEITeS9izJQGq2iMtQprBcaMVPv7O5sQXNi4urNW8o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=29.999971
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8075ad9569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/lib/jquery.cookie/jquery.cookie.min.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 1.7 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/jquery.cookie/jquery.cookie.min.js?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: rosequake.com
Certificate fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (1787), with no line terminators
Hash: c57933c2ac908dee0f6ef18b2e872b72 68c436f1d7535121e501c528c014c6d75d68e2d6 d6b9dbdce63d206416502fd7b8e3b92e5a65158a45854fc6d0c0cb21909515a0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/lib/jquery.cookie/jquery.cookie.min.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:42 GMT
etag: W/"0858e306db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q9of3Qiv21qSdk69hc9dI1Gc4oY4EyKtAZAWYhzPc6mnwbdvtYicdrSTuefqpoqUfAIfeTtgJ8%2FNa6MhjVIS74qOHGhtRld8rc7DkA%2FGgTeuEopnPfcM5wndTzYQYvsBGk%2B%2BSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8058b5f56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/bootstrap/bootstrap-grid.min.css?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 85 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/bootstrap/bootstrap-grid.min.css?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: rosequake.com
Certificate fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with CRLF line terminators
Hash: 7dbc3c16a7a1e0d4941608290b1cb218 d9fcde029ae22c446ced020bd143bc4c47eb7d9c 871f218ccbc29aea08acee4ff6164888af936d0b6f604c1658e3b19094660e9a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /static/lib/bootstrap/bootstrap-grid.min.css?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 06:06:14 GMT
etag: W/"0fde1f6db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pftvBZsiRppk2MJEnIcdXT9lxXjr7Y6JQH%2BsO3lPtjEWr%2FmXEayTsq2I3ESQPi5NBrf2fUWnIW7g8HHPeSQwSS0NPeo6injvAaBDiALRnPfq7XwCpccWzIWRYEIMiiwQfhwjlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8056b1e56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/files/css/countryFlag_s.css?v=cac22025232-20240425 | 172.67.165.29 | 200 OK | 25 kB |
URL: GET HTTP/2 global.akating.com/files/css/countryFlag_s.css?v=cac22025232-20240425
IP: 172.67.165.29:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: akating.com
Certificate fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
Certificate validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/css/countryFlag_s.css?v=cac22025232-20240425 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Sun, 03 Jul 2022 14:40:24 GMT
etag: W/"03c23d4ea8ed81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKZ7vFL5g6KTZoan8tcUoEsw2w0LAU7wLXJOhgaBSUkWSgGm2znTXfzDkcfEjMppvZVSuLPhxxxVNfrhzShd4aJnpCBdj29EukrQZCVFuK84bf9o4BlxZ22v0lZAlyfPUaAkVrg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d806783db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/js/video.min.js | 188.114.97.1 | 200 OK | 626 kB |
URL: GET HTTP/3 www.rosequake.com/js/video.min.js
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: rosequake.com
Certificate fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
Size: 626 kB (625751 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/video.min.js HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Thu, 26 Oct 2023 05:20:34 GMT
etag: W/"0fd3725cc7da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QuYPhowxAMa4wKqYGiu8PCzN7muFVyKihuGjxAUVBBhy2eliq235kvYeN%2FGzsywpyIv01iQXKc3hItEluV%2BW7oDWqA2jFBBBQTJzCqg9ggPGv0nJNGmMPBCs%2Fy%2BXGlNiYGp9%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8060c1d56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| global.akating.com/files/js/chosen_v1.8.7/chosen.css?v=cac22025232-20240425 | 172.67.165.29 | 200 OK | 12 kB |
URL: GET HTTP/2 global.akating.com/files/js/chosen_v1.8.7/chosen.css?v=cac22025232-20240425
IP: 172.67.165.29:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: akating.com
Certificate fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
Certificate validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
Hash: f9e4f602d90605d2dae0d32979c69029 d8c7700cbf92f6100c9aa5de69ac6d4390802ee7 89945fcb95372714ec719cfed9a0ad20f35bc6f0d1d471662dba38c6f46b0f75
GET /files/js/chosen_v1.8.7/chosen.css?v=cac22025232-20240425 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Sat, 25 Jun 2022 10:07:28 GMT
etag: W/"0f0f95f7b88d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUApkTwS24QFe0hRnwObpp%2B8upkv25XalVcNM76aF33s0DF3CAm3kniSuJFaYgV9%2B7SpB2T4I6BXMltC7M0T9Az0S7MlCrs3ydNuvRbfJ9gelU12Rk1m0zV0P9TtTEEuljsb1kU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8068843b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| global.akating.com/files/css/CBDCurrency.css?v=cac22025232-20240425 | 172.67.165.29 | 200 OK | 12 kB |
URL: GET HTTP/2 global.akating.com/files/css/CBDCurrency.css?v=cac22025232-20240425
IP: 172.67.165.29:443
Requested by: https://www.rosequake.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: akating.com
Certificate fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
Certificate validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/css/CBDCurrency.css?v=cac22025232-20240425 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 14:39:28 GMT
etag: W/"09068c12beed91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2B9C9PkrN9i1PeHlSsvncdbjlLvJZ%2Bs8T%2FCSlet86gOPi8G3RDytmIMit%2Br6dfErfNje%2FFTM9iuHxsKxhAVHC%2BQGu3I3jZHWkCT3pdg7do60VZVWDWb0vNWHRfFqhY6iXJN%2FywY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8068859b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.staticdj.com/0d6e8d0701e53234033de17232ab13c6_600x.gif | 104.19.235.103 | 200 OK | 33 kB |
URL: GET HTTP/2 img.staticdj.com/0d6e8d0701e53234033de17232ab13c6_600x.gif
IP: 104.19.235.103:443
Requested by: https://www.rosequake.com/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 4B:A2:4D:C6:60:04:EF:AF:EF:49:ED:3C:08:D9:87:A6:AE:B5:AF:08
Certificate validity: Sat, 08 Jul 2023 00:00:00 GMT - Sun, 07 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: c17bb512354bbad0517858a438ecc209 5d5b12c99f9bfb905d44670014a1deba173698b5 4161427620af49b7e95d31529bf41f533bd00854e0b425cc27fa59c4f1879b51
GET /0d6e8d0701e53234033de17232ab13c6_600x.gif HTTP/1.1
Host: img.staticdj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: image/webp
content-length: 33024
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=88577
content-disposition: inline; filename="0d6e8d0701e53234033de17232ab13c6_600x.webp"
request-id: 41fe087b-3e90-4908-a042-de198929d72f
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jan 2024 23:13:25 GMT
cf-cache-status: HIT
age: 4773979
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2mDdnd9J%2BVxFVPy8xYz6%2F6r5pZ7q2BH8ahj6AbMmGeq0d2Gp6%2FksdPNuNOBxqDoTSzL7lVY2jkz3%2BCQbszC7XCcRgXoOLLgiHgNI%2BATjpxzYA7p0BqLyivZkOmt63BPMDI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=23.000002
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d8076ae6569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| we.chatsoftly.com/spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0 | 104.21.92.129 | 200 OK | 2.9 kB |
URL: GET HTTP/3 we.chatsoftly.com/spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0
IP: 104.21.92.129:443
Requested by: https://www.rosequake.com/
Certificate issuer: Let's Encrypt
Certificate subject: chatsoftly.com
Certificate fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5
Certificate validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
File type: Unicode text, UTF-8 text, with very long lines (3214), with no line terminators
Hash: 408f2c9d63f1e7af9d4a8200447db87b f957cac386de976c2ba64a21d743e532908692f1 0093ddcbd914ff7f056efd7f17f9e721c9cb261a8e539d61e642d6064b8e4cc1
GET /spa1/im_web_plugins/out_config.aspx?id=9&company_code=RoseQuake&language=en-us&session_key=&callback=udesk_jsonp0 HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:36 GMT
content-type: text/javascript; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=p3xsmru5ee5uaho5ywuh04o3; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6fqAuwD%2BXkSwTA%2BeBdLY4HOxq%2Fw5%2BBPNrfewGU6mWE1n7CEjHMceaNzh3tYNTmv0Dj4OUQlCE73iwVNCjqeNwhua%2BrNsSR32ii280xZYT75725fiSNbEBjKALUrGAEGraIaCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d852185056b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| we.chatsoftly.com/im_client/css/ui/emotion.css | 104.21.92.129 | 200 OK | 8.1 kB |
URL: GET HTTP/3 we.chatsoftly.com/im_client/css/ui/emotion.css
IP: 104.21.92.129:443
Requested by: https://www.rosequake.com/
Certificate issuer: Let's Encrypt
Certificate subject: chatsoftly.com
Certificate fingerprint: B5:CE:E5:95:0F:6B:BB:E2:D4:E0:32:34:86:00:B8:EB:C8:3F:A6:E5
Certificate validity: Wed, 06 Mar 2024 04:41:15 GMT - Tue, 04 Jun 2024 04:41:14 GMT
File type: ASCII text, with very long lines (8088), with no line terminators
Hash: 0601a7fa15320d262c32d050937ab498 3ae94833f07968a04db7bcd6cbc4b4ea337dbaac fb81e6ff71af364456416500277a0179fef4e3ca52d5d4aa0e3db0675ee61725
GET /im_client/css/ui/emotion.css HTTP/1.1
Host: we.chatsoftly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:36 GMT
content-type: text/css
cf-bgj: minify
etag: W/"804093a28c5ed61:0"
last-modified: Mon, 20 Jul 2020 11:55:17 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5939
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rs0NbB0EWaNSC68EpY2ZnnZzF28cuC2U0yZBKRs4TTUVWqfC5%2F%2FA69NqSM15so%2FJHX0vXZFPEyK25YNbjcxMhvvsn2Jk2AG30BV39A%2FxD7oib7caMj2pDywCO26RcRbTtGrKTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d853aa2d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/apis/ImConnectInfo.aspx?guid= | 188.114.97.1 | 200 OK | 931 B |
URL: GET HTTP/3 www.rosequake.com/apis/ImConnectInfo.aspx?guid=
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: ASCII text, with very long lines (1081), with no line terminators
Hash: 4dab23163ebae0ac59e031105b125677 1193b0513d9c8e2a2e631c9b007e5c7121285e37 983792013080b298464f8e5ebeca553472e603adb5609ff15cf799ebed130a31
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /apis/ImConnectInfo.aspx?guid= HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064; _ga_B1QS3P765Z=GS1.1.1713980065.1.0.1713980065.0.0.0; _ga=GA1.1.1956862707.1713980066; cf_clearance=ud4b0tQM_RPRYCBzel8WrYCy3OCdM2MqVtBAgN7TT9c-1713980066-1.0.1.1-OnuGn2oEFweWO2770CCul0RU4shkIZV_VsW5NlbBGmUgXc5lUkyUmQhMH8G0U5DrALg0DTz2P71A0OF7GMURzw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:30 GMT
content-type: application/json; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aS2IHkkign5ROeF0JpEKlGoQJvGLHorgUl55%2FU905bTjI%2ByuHuZY9W%2FzBmTqhmNS8bxQ6cAsWWlXLbhiFHTk7qQflnWlVveiFzKU63kfgeeXCqvziFcfk2lBfGy3tgIOgDAXww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d82d69de56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 36 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (32019), with CRLF line terminators
Hash: 5fb7c19c9c51cfb99f5ff942629f0f21 14c7f59e73d2a99aa688c2443a9a9b24acbff43c a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/masonry/isotope-masonry.pkgd.min.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:24 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:06:48 GMT
etag: W/"0c22346db0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCn6%2BRtGKfze1SGllewfnhfqZ1ptVEOb1FFAN7nS9ysOvxw8QOmEkYfmFI0FmfbMIdzWngc7%2B2XgOSCSZr3bBcpLwJH%2FJbFE29YJbFirHfSPyRAApF29uxwI4tgrkEVQfvCZ7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d80c9b1356a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/Images/country_list.png?v=dw11211221 | 188.114.97.1 | 200 OK | 151 kB |
URL: GET HTTP/3 www.rosequake.com/Images/country_list.png?v=dw11211221
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: PNG image data, 48 x 9428, 8-bit/color RGBA, non-interlaced
Size: 151 kB (151317 bytes)
Hash: 161094bc7dd657d7e721cb097797d48b 46239a5b5d7a4c0c0139e75389356d9a72cc0928 6f97ccec9e464f5cf66d78ad6713a62bb949d02ec98ba7fa4cfcf4587dae7ae5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Images/country_list.png?v=dw11211221 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/css/country-flag.css?v=cac22025232-20240425
Cookie: _gcl_au=1.1.68093794.1713980064
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:25 GMT
content-type: image/png
content-length: 151317
last-modified: Fri, 04 Aug 2023 21:08:11 GMT
etag: "fe4e7dc617c7d91:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 6109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MiTZOQqSHHCIkPnE58A%2FIQSrlzxvBS4v2WGKONbsadPS8CgiJssU6VoDtVI1Jz5dCmPPpH1rY%2BQokYIel60%2BmQTZ6fUXNQs%2Bo0ozPgSNErDNWWeG%2BLjDO2G35d%2F3Z%2BmqoGQgVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797d80e4d0056a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg | 0.0.0.0 | | 0 B |
URL: GET nicesis.com/cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg
IP: 0.0.0.0:0
Requested by: https://www.rosequake.com/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn/shop/files/preview_images/5c4e8ab37b8f49b5823ee2567a37a3e0.thumbnail.0000000000.jpg HTTP/1.1
Host: nicesis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c | 142.250.74.40 | 200 OK | 302 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c
IP: 142.250.74.40:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Certificate Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945)
Size: 302 kB (301612 bytes)
Hash: 00402493b9d855e6af3b43ae2310f5c3 7a6960750aa67ec55bbeeb365f33b153896bb9b5 23b5818e25d0431d0591367aacda970c5ec3bd7b5e333e7efc37ce89f3e65570
GET /gtag/js?id=G-B1QS3P765Z&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 17:34:24 GMT
expires: Wed, 24 Apr 2024 17:34:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100467
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| global.akating.com/files/js/CBDCurrency.js?v=cac22025232-20240425 | 172.67.165.29 | 200 OK | 44 kB |
URL: GET HTTP/2 global.akating.com/files/js/CBDCurrency.js?v=cac22025232-20240425
IP: 172.67.165.29:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: akating.com
Certificate Fingerprint: A8:7E:17:08:6D:10:CF:53:D4:98:D4:CE:50:7C:4A:15:9B:62:1D:62
Certificate Validity: Fri, 19 Apr 2024 10:57:59 GMT - Thu, 18 Jul 2024 10:57:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/js/CBDCurrency.js?v=cac22025232-20240425 HTTP/1.1
Host: global.akating.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Wed, 20 Dec 2023 13:12:33 GMT
etag: W/"80b660314633da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s5a90CgqRzcGX1MiJ16WQB66AAVEZNgBP4MKRGxMOt40BGD9xJpwBkBbfnjM09m2SQ7JmOTOde7a5bdRgJiaQtb%2Bdeyjt5F0CLbrHll%2BN%2BgjVzjboXJY0n4B2iuvIc7ysW0XJb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d807392cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 78 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/bootstrap/bootstrap.bundle.min.js?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65226), with CRLF line terminators
Hash: 831c0d53f60fd798a1954bab7fa67a88 e6c20115332ee2e46ac5f604850b56e551bfa547 0f97c4d4ed48b57ceb649f3fc47fbc99fab591298da09507861af8b7efbe99ea
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/bootstrap/bootstrap.bundle.min.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 06:23:40 GMT
etag: W/"0fe548f6fb0d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wy%2BYi7X4qWP974heflCM%2BU%2F2tQl8dIawdAFz64mRt4IuI1sN5JdJzvZ2FXw%2BcucnJ9GR%2BfbNQBxSu8uWiujWsR4rFODKoOrRkcx%2FfB4Z9ns18GsaauEL3xWeSvfXM16PuNXfww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8058b6156a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.rosequake.com/static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac22025232-20240425 | 188.114.97.1 | 200 OK | 5.5 kB |
URL: GET HTTP/3 www.rosequake.com/static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac22025232-20240425
IP: 188.114.97.1:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: rosequake.com
Certificate Fingerprint: 9B:A1:8B:EE:FC:3F:46:BB:88:E2:9F:D6:E9:5B:D7:4D:69:0B:D0:2B
Certificate Validity: Thu, 28 Mar 2024 14:43:46 GMT - Wed, 26 Jun 2024 14:43:45 GMT
File type: JavaScript source, ASCII text, with very long lines (5584), with no line terminators
Hash: fc637ca4d985f346ff994151a22fe36d 563c972a25d1b3333b8773356df193a70322ee3c f2609521a0ca9b5559d7574376bf1083e8259d20313b86f81548d888021fa382
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/lib/imagesloaded/imagesloaded.pkgd.min.js?v=cac22025232-20240425 HTTP/1.1
Host: www.rosequake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:34:23 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2023 22:52:02 GMT
etag: W/"095b4dfde2da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: HIT
age: 5635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1nbSnN4cMNJ2Tlf%2B%2FBJQW2paVhis2XQNSDF5K0cb2PVuFpz2R6ddFEt863B4Y96WEQVSHWXUg2A6e9wG%2F4BpqdEY%2BQP4MZhyk5vaM0%2FclENe3B4DABJDATNcpEVVC4DWsiygw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797d8060c1956a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| img.fantaskycdn.com/f20d99174929d59cbc89e47591902b55.png | 104.18.21.211 | 200 OK | 36 kB |
URL: GET HTTP/2 img.fantaskycdn.com/f20d99174929d59cbc89e47591902b55.png
IP: 104.18.21.211:443
Requested by: https://www.rosequake.com/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fantaskycdn.com
Certificate Fingerprint: 28:2C:B4:60:08:32:85:B2:44:72:D4:B2:9F:55:62:DD:46:3C:5B:0F
Certificate Validity: Mon, 26 Feb 2024 11:44:05 GMT - Sun, 26 May 2024 11:44:04 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 607ffd7b5013c25d42ae88442a285ec5 bd682fa1ef03f611bf846baecf1851acfb9fbbd8 adcbd1fbce6030fca678f1ffa9a9e04f2a687cc463bd7387b86421e82d53420c
GET /f20d99174929d59cbc89e47591902b55.png HTTP/1.1
Host: img.fantaskycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rosequake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:34:26 GMT
content-type: image/webp
content-length: 35982
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=84309
content-disposition: inline; filename="f20d99174929d59cbc89e47591902b55.webp"
request-id: 3af69a90-131b-4225-af87-6082240606b3
strict-transport-security: max-age=315360000; includeSubdomains
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Feb 2024 08:49:22 GMT
cf-cache-status: HIT
age: 4773980
expires: Thu, 24 Apr 2025 23:34:26 GMT
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8797d818b9987131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|