firefox.settings.services.mozilla.com/v1/
54.230.111.65200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MW_8D_oK6PPtnQiVCnqyCJYZF_LhvMK60f5_7dE0Z9lSEpxjQe2iwQ==
Age: 97482
146.190.228.148/gGsS7C?click_id=mturt1qvs33
146.190.228.148302 Found 0 B URL HTTP/1.1 146.190.228.148/gGsS7C?click_id=mturt1qvs33
IP 146.190.228.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gGsS7C?click_id=mturt1qvs33 HTTP/1.1
Host: 146.190.228.148
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Thu, 06 Oct 2022 18:52:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Thu, 06 Oct 2022 18:52:00 GMT
Location: http://humadecure.gq?s1=mqmq&s3=el
Pragma: no-cache
Set-Cookie: _subid=376l60jqvs50;Expires=Sunday, 06-Nov-2022 18:52:00 GMT;Max-Age=2678400;Path=/
b15e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NFwiOjE2NjUwODIzMjB9LFwiY2FtcGFpZ25zXCI6e1wiNDJcIjoxNjY1MDgyMzIwfSxcInRpbWVcIjoxNjY1MDgyMzIwfSJ9.2JG6dKhAZp6yFaF1PmSeOA8X6MAWPXN0hU8j0vHURgY;Expires=Saturday, 13-Jul-2075 13:44:00 GMT;Max-Age=1665168720;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5067
Expires: Thu, 06 Oct 2022 20:16:28 GMT
Date: Thu, 06 Oct 2022 18:52:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16273
Expires: Thu, 06 Oct 2022 23:23:14 GMT
Date: Thu, 06 Oct 2022 18:52:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: s/tzFayVCiuvePXxHs1JbwH4721Rsw+QGvU3qPSMDEK2gtlOnTI99X2xR5SXsMcWPWK6jIe1wbM=
x-amz-request-id: 7GQ5ZBJ04J82VMY0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 17:58:50 GMT
age: 3191
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 18:52:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
humadecure.gq/?s1=mqmq&s3=el
160.20.147.80200 OK 7.6 kB URL HTTP/1.1 humadecure.gq/?s1=mqmq&s3=el
IP 160.20.147.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1d342fff2268692ffe4eef768f2b873d
d5eb74af515967f46f75299927f9a04901ab5480
d561a845beb93596512feb556fb73cfa87062d78f0e306df41b36204c98cde04
Analyzer Verdict Alert quad9 Sinkholed
GET /?s1=mqmq&s3=el HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; expires=Thu, 06-Oct-2022 20:52:01 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; expires=Thu, 06-Oct-2022 20:52:01 GMT; Max-Age=7200; path=/; httponly; samesite=lax
SRVNAME=w1; path=/
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12ff8a2d9584a766647e5fe4b1435dfc
d53c641e48959fda676813a4119631f7d71e8cef
ce7d814b7271ca0aab6d9bae78b395cab7884d1bcc1c76dcfe1293bfffb58e34
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CE7D814B7271CA0AAB6D9BAE78B395CAB7884D1BCC1C76DCFE1293BFFFB58E34"
Last-Modified: Tue, 04 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14617
Expires: Thu, 06 Oct 2022 22:55:38 GMT
Date: Thu, 06 Oct 2022 18:52:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 18:29:41 GMT
Expires: Thu, 06 Oct 2022 19:07:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RXALR6BbxdlHHrBsFZ6A8XMD_bSUN05hEoAcTnNPMy_LDPkrjOIzfg==
Age: 1340
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6144
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 18:52:01 GMT
Last-Modified: Thu, 06 Oct 2022 17:09:37 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
humadecure.gq/landings/17/fonts/vendor.css
160.20.147.80200 OK 121 kB URL HTTP/1.1 humadecure.gq/landings/17/fonts/vendor.css
IP 160.20.147.80:0
File type ASCII text, with very long lines (49493)
Size 121 kB (120609 bytes)
Hash 01f904df11cd10f6ff8f29731485f304
55e70949c60374242bf7ce93fc082a409d26b6fe
367102f73a4861c71158191208065583bdfc10e8b9554a9c3deeb5f40af30e51
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/fonts/vendor.css HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:01 GMT
Content-Type: text/css
Content-Length: 120609
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-1d721"
accept-ranges: bytes
humadecure.gq/landings/17/js/vendor.js
160.20.147.80200 OK 195 kB URL HTTP/1.1 humadecure.gq/landings/17/js/vendor.js
IP 160.20.147.80:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 195 kB (194855 bytes)
Hash ba198f9e43c92eec2887de87eccec2a6
b1fd7f56f8309c8e53a2f6a62c9a854faf007d40
8066213f466e5a0fcebc4e97811f43e1775a4c1781e391eb43c6554ed45ba9b5
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/js/vendor.js HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:01 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 194855
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-2f927"
accept-ranges: bytes
push.services.mozilla.com/
54.191.251.76101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.251.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VIyVwm0KMK2n0Ija5eYehA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UFhnYnQ7KuBaV58f7aFkLOHbl+I=
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12ff8a2d9584a766647e5fe4b1435dfc
d53c641e48959fda676813a4119631f7d71e8cef
ce7d814b7271ca0aab6d9bae78b395cab7884d1bcc1c76dcfe1293bfffb58e34
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CE7D814B7271CA0AAB6D9BAE78B395CAB7884D1BCC1C76DCFE1293BFFFB58E34"
Last-Modified: Tue, 04 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14616
Expires: Thu, 06 Oct 2022 22:55:38 GMT
Date: Thu, 06 Oct 2022 18:52:02 GMT
Connection: keep-alive
humadecure.gq/landings/17/images/page1/p1-girl-img.jpg
160.20.147.80200 OK 78 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash 156478bb64b12d13b172193e673919fa
de473bd453f83ab1a9ec74f93fb6853027925f4d
013138cc6ff023386964456c6f9297e7b890ead65ce473b4800f84e8de0b9186
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:02 GMT
Content-Type: image/jpeg
Content-Length: 77746
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-12fb2"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img3.jpg
160.20.147.80200 OK 67 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img3.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash f9056c6b92df3a56da3d805c0cbfef27
550d1524d79c0f1867f5e63f5cbfc62d0155ab08
23d8809e2b309ff9ed71dc5013dddb0a5e17ea8dd97f34dac2f72aaae0ab1fea
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img3.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:02 GMT
Content-Type: image/jpeg
Content-Length: 67130
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-1063a"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img2.jpg
160.20.147.80200 OK 58 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img2.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash 41f5b0bd6d22c848fc4b725857e560b3
5dd3bc4678047af7e709f32e6e4799eeda9aba80
cf7856a52335793f741900775c8ff28c9e6fdb75e4c263d12506df51fb55ae65
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img2.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:02 GMT
Content-Type: image/jpeg
Content-Length: 57868
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-e20c"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img5.jpg
160.20.147.80200 OK 103 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img5.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Size 103 kB (103390 bytes)
Hash 1b16a7fde51d4d9ad4b9db53e9267998
8c96c1e4cbb1651f1309d47f4fc8952dd8435006
399b02871ae94691303047faff4eecbb905b7fe790ce73d3f40085ce39721277
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img5.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:02 GMT
Content-Type: image/jpeg
Content-Length: 103390
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-193de"
accept-ranges: bytes
humadecure.gq/landings/17/fonts/ProximaNova-BoldIt.ttf
160.20.147.80200 OK 138 kB URL HTTP/1.1 humadecure.gq/landings/17/fonts/ProximaNova-BoldIt.ttf
IP 160.20.147.80:0
File type TrueType Font data, 15 tables, 1st "FFTM", 30 names, Macintosh\012- data
Size 138 kB (137676 bytes)
Hash 96366fa6f55986e948f5dab0b824194a
dea3789913cd447bfdf008f50e96b3445617bd7f
7780f5cc43fb80c90558704e77c483e00e9a151a33c87e776e7775bc69f0e459
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/fonts/ProximaNova-BoldIt.ttf HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:02 GMT
Content-Type: application/octet-stream
Content-Length: 137676
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-219cc"
accept-ranges: bytes
humadecure.gq/landings/17/fonts/ProximaNova-Extrabld.ttf
160.20.147.80200 OK 129 kB URL HTTP/1.1 humadecure.gq/landings/17/fonts/ProximaNova-Extrabld.ttf
IP 160.20.147.80:0
File type TrueType Font data, 15 tables, 1st "FFTM", 30 names, Macintosh\012- data
Size 129 kB (129440 bytes)
Hash 4f71ba59d591d75981e9cbc4fef7526e
59fb259580b822f7977fc36cb1d375ec867f94f9
09a1a520bf50b7ca656ad9b4faf88426903c34abdcbbd56c4748050c8b69e488
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/fonts/ProximaNova-Extrabld.ttf HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:02 GMT
Content-Type: application/octet-stream
Content-Length: 129440
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-1f9a0"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/pink-layer-title.png
160.20.147.80200 OK 10 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/pink-layer-title.png
IP 160.20.147.80:0
File type PNG image data, 765 x 112, 8-bit colormap, non-interlaced\012- data
Hash 197e1d092a3a41471b180d677f8679c4
be9821f7e5bdd4c1e716a1eafe78859679a1e6c7
2824f275d69a030e3e874350dd8681c70f5b1025fd6a252b9ef685096616b9b6
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/pink-layer-title.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/png
Content-Length: 10265
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-2819"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-heart-icon.png
160.20.147.80200 OK 578 B URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-heart-icon.png
IP 160.20.147.80:0
File type PNG image data, 28 x 50, 8-bit colormap, non-interlaced\012- data
Hash a02a6a2963a0ff827a156a8c9cb49f14
9a31acc3945b331e19779b2eb6e0a312746cb0c0
024902301a07305573dbde2ea60352498e94d29a119ca9e3c1d50e4c24a74bd3
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-heart-icon.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/png
Content-Length: 578
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-242"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/pink-layer-title2.png
160.20.147.80200 OK 15 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/pink-layer-title2.png
IP 160.20.147.80:0
File type PNG image data, 928 x 155, 8-bit colormap, non-interlaced\012- data
Hash d33db1896ec5c224b549fde933d4790a
a3c4217a680b54addd3b7e603dd42bcd728afee1
cc5fdcc8134a0866449bc62b152eb6902234f285fe0140c96f5b973ed93083e2
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/pink-layer-title2.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/png
Content-Length: 15089
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-3af1"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-circle-arrow.png
160.20.147.80200 OK 1.2 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-circle-arrow.png
IP 160.20.147.80:0
File type PNG image data, 131 x 140, 4-bit colormap, non-interlaced\012- data
Hash 73ffbeae8feb54651e74a08cb898757a
c46c9bd7cfda7d5e34b26fdfea951b129eab5dae
ee830c16ec23d702a9f7fa3cc71430b33e91e29dbcc39daee7268f7dde05fb8e
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-circle-arrow.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/png
Content-Length: 1158
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-486"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/pink-arrow-ico.png
160.20.147.80200 OK 375 B URL HTTP/1.1 humadecure.gq/landings/17/images/page1/pink-arrow-ico.png
IP 160.20.147.80:0
File type PNG image data, 21 x 66, 8-bit colormap, non-interlaced\012- data
Hash b2d576ebfcbaea51c463e47f0b7c7971
2e6675d327d43065e4fe129b165ffd0fd989117b
fa36c74be59a43b217e97b99562f2e2b774f6ac1d35ec6b495c33ab965f78f0f
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/pink-arrow-ico.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/png
Content-Length: 375
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-177"
accept-ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4159
Expires: Thu, 06 Oct 2022 20:01:22 GMT
Date: Thu, 06 Oct 2022 18:52:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4159
Expires: Thu, 06 Oct 2022 20:01:22 GMT
Date: Thu, 06 Oct 2022 18:52:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4159
Expires: Thu, 06 Oct 2022 20:01:22 GMT
Date: Thu, 06 Oct 2022 18:52:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4159
Expires: Thu, 06 Oct 2022 20:01:22 GMT
Date: Thu, 06 Oct 2022 18:52:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4159
Expires: Thu, 06 Oct 2022 20:01:22 GMT
Date: Thu, 06 Oct 2022 18:52:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: 13fcd792-1fcc-44b5-aa9e-d2773a60fe77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHrbIAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5b5f5d781b9d651b68c04f2e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wfnbRpTKni8hbAmJXO9vdisV6ZPoRP-eBb3wP4RzPS7MlXvp7282dw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 76522
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: f2f15f43-6054-40f5-943a-530671e772dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZjF3aIAMFW9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-5e2253791a927c8c40a0ff0d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: xRuMce_9OkP3R2DqHjZI34GwkDezdfGKsgntCMTZG2c6SJUcyv0Ckg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:56:40 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 75323
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 03:56:07 GMT
age: 53756
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a508ac9cd743bec987b2a24454418265
8c7ecefe6908387e2128dc849a6ba857991ba0ab
afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
age: 75504
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 76522
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: TlEKsCdhNhlKmA2Yhz8FarEUG18gQZMKGRD6SnzCnUMiKyGS9-UeOQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:38:04 GMT
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
age: 76439
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
humadecure.gq/landings/17/images/page1/range-icon.png
160.20.147.80200 OK 935 B URL HTTP/1.1 humadecure.gq/landings/17/images/page1/range-icon.png
IP 160.20.147.80:0
File type PNG image data, 67 x 67, 8-bit colormap, non-interlaced\012- data
Hash 0558b960da94d555e71938b4f645118c
0d7072b30edda4f5e6a87b973255a56eb927f7b6
572c99f8161acc1077485be400a2f8c28ad11c1b3353a4c7a91976010da46298
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/range-icon.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/png
Content-Length: 935
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-3a7"
accept-ranges: bytes
humadecure.gq/landings/17/fonts/ProximaNova-Semibold.ttf
160.20.147.80200 OK 131 kB URL HTTP/1.1 humadecure.gq/landings/17/fonts/ProximaNova-Semibold.ttf
IP 160.20.147.80:0
File type TrueType Font data, 15 tables, 1st "FFTM", 28 names, Macintosh\012- data
Size 131 kB (130760 bytes)
Hash 3625e925425cb102cadb2f5db79c9aa0
106088d385e32a3b0379b78ec9f56fc684472d74
de23a78916216fb473a903735966a35f4044aa47d804c7ab7628e5f5ab906c9f
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/fonts/ProximaNova-Semibold.ttf HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: application/octet-stream
Content-Length: 130760
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-1fec8"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img4.jpg
160.20.147.80200 OK 81 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img4.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash 51ca602b5e1ea0debce2c8f7a6791f99
35466659ad65940727fbb51144f41bd27c58e308
90fc6bf5198106945255e22bde57a1ed313178e4e4e06d06e6a39d3d835abbe8
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img4.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/jpeg
Content-Length: 81300
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-13d94"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img6.jpg
160.20.147.80200 OK 60 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img6.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash ea7a88dbcb50240afff530338c51b7e8
dd3836d8eac8fec13a78cf84773a4024c33e2c81
a51c35273d2004c37717c9a9d6f36185249ca902813a22b943c2046f89d10bd7
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img6.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/jpeg
Content-Length: 59927
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-ea17"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img7.jpg
160.20.147.80200 OK 57 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img7.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash 47997afd9d7b3f328c05034fae40d163
d81551d91954090cb6f474c6a21a4dd3c9c99a15
7a60a0492749d0741ed7b280c09affb8a6fcefa483c6b1c63adc08a6c7fe2634
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img7.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/jpeg
Content-Length: 56650
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-dd4a"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img8.jpg
160.20.147.80200 OK 61 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img8.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash b60c92f7532b2286e834d8afa2aad4ec
24f75a134251d1999cf8b9241463e7a009d7929d
1f66028d9e54363d3e891c190b0cb99bb759e984962990992f7f2798784f73b8
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img8.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/jpeg
Content-Length: 60676
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-ed04"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img9.jpg
160.20.147.80200 OK 57 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img9.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash 82487c231ad3024c4f3486c674720d69
7886832154c0f7a21889540e93eb535319e1bd10
c4aae3f566ef8054a6598777824a7241bc881b166d0e378265580ed0ca6902c0
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img9.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/jpeg
Content-Length: 56670
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-dd5e"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img10.jpg
160.20.147.80200 OK 71 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img10.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash 82cdad946592abf69fbc1be9e4a9d906
ab38b78445a5ccd16c164c4a6d6f3491061718ea
b150a0c266ff657534401afde5c8f7532d34550efd7542c1b11af05c69d6f0a2
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img10.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/jpeg
Content-Length: 71085
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-115ad"
accept-ranges: bytes
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash c929c5f875b5f949ba974520f2066e66
5866722a5d628e2e3f7a642da1ce8938a474f1c1
e42e8d8fd0d590e119157037d88efb4025a2b1dc6c5aadaf63b556695d76acdc
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 10 Oct 2022 16:31:22 GMT
ETag: "5866722a5d628e2e3f7a642da1ce8938a474f1c1"
Last-Modified: Thu, 06 Oct 2022 16:31:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3194
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7560978c5a1db4fa-OSL
humadecure.gq/favicon.ico
160.20.147.80200 OK 0 B URL HTTP/1.1 humadecure.gq/favicon.ico
IP 160.20.147.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMVcyV2NnUDR2a3FZOTJ5cDRrdnc9PSIsInZhbHVlIjoiZTltRzBScUF5ZVdaQ0lsazFSYUNNQXBqYVJUdlNmdjJ3aThpb2lWTXVLeWEwV2VIZjVuMUtwdDBVSndyWTJqQSIsIm1hYyI6ImY0YjBlNGMyZjU3NTNiOTI1MjQ2NmZhYzQ4ZTQzYTEwZTAzOGRkODk5ODA1ODhkZTdjNDc1MDg5OWI0ZTdjODUifQ%3D%3D; laravel_session=eyJpdiI6ImhKMHl3QUZKVmxzd0ZOeXlaZnJHOEE9PSIsInZhbHVlIjoiY24vNllYanY2UnR1azJXdmMwelVkUFRRTnlPOWc5ajB2OFRvVlFMNk5TTGhVT09LdlZZVmhoQ0tXdFZ0bVRGaiIsIm1hYyI6ImQwNjE1ZjY3MGYyNjQ4MGI1YzM2M2ZhN2U0MjQ4ZDg2OTY2MzE5MmY3MzI3MGZmMWYwM2Y1MTBjNTkyZTc5NDgifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 18:52:03 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-0"
accept-ranges: bytes
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 7a68c8644032413981e4ba5bc0d66c4a
2d46ca8055e8577ae7138140e34a6e633434973c
e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Thu, 06 Oct 2022 18:52:03 GMT
access-control-allow-origin: *
etag: "633be002-11a95"
expires: Thu, 06 Oct 2022 19:52:03 GMT
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 06 Oct 2022 18:52:04 GMT
access-control-allow-origin: *
etag: "633be002-2b"
expires: Thu, 06 Oct 2022 19:52:04 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/54239065?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1878%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A919202221095%3Ahid%3A285924160%3Az%3A0%3Ai%3A20221006185204%3Aet%3A1665082324%3Ac%3A1%3Arn%3A890628679%3Arqn%3A1%3Au%3A166508232469975870%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C24%2C214%2C3%2C379%2C0%2C%2C1176%2C99%2C%2C%2C%2C1909%3Ans%3A1665082320770%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665082324%3At%3AGirl&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.251.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/54239065?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1878%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A919202221095%3Ahid%3A285924160%3Az%3A0%3Ai%3A20221006185204%3Aet%3A1665082324%3Ac%3A1%3Arn%3A890628679%3Arqn%3A1%3Au%3A166508232469975870%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C24%2C214%2C3%2C379%2C0%2C%2C1176%2C99%2C%2C%2C%2C1909%3Ans%3A1665082320770%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665082324%3At%3AGirl&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash d917bd551b0b0f74444278bfb0c89a2f
4773a5dc1584f95a4c08c57a7f73bd350a52ecc0
5dd0d22355ee6a76be4c70e74200d05ecc4a6bfded51702392f4ed354b94730f
GET /watch/54239065?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1878%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A919202221095%3Ahid%3A285924160%3Az%3A0%3Ai%3A20221006185204%3Aet%3A1665082324%3Ac%3A1%3Arn%3A890628679%3Arqn%3A1%3Au%3A166508232469975870%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C24%2C214%2C3%2C379%2C0%2C%2C1176%2C99%2C%2C%2C%2C1909%3Ans%3A1665082320770%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665082324%3At%3AGirl&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://humadecure.gq
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/54239065/1?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1878%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A919202221095%3Ahid%3A285924160%3Az%3A0%3Ai%3A20221006185204%3Aet%3A1665082324%3Ac%3A1%3Arn%3A890628679%3Arqn%3A1%3Au%3A166508232469975870%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A26%2C24%2C214%2C3%2C379%2C0%2C%2C1176%2C99%2C%2C%2C%2C1909%3Ans%3A1665082320770%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665082324%3At%3AGirl&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 06 Oct 2022 18:52:04 GMT
access-control-allow-origin: http://humadecure.gq
set-cookie: yandexuid=283798461665082324; Expires=Fri, 06-Oct-2023 18:52:04 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=283798461665082324; Expires=Fri, 06-Oct-2023 18:52:04 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1608074491665082324; Path=/; SameSite=None; Secure
i=B5QtJFn+X9KrC/9Y82mbSv/mNHt2vdN67JoOmfNNRrVhyo0OEun9xG0IqIqAjd7uxNCPpsx7g86RVSu8WFo5v5Row6Y=; Expires=Sun, 03-Oct-2032 18:52:01 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696618324.yrts.1665082324#1696618324.yrtsi.1665082324; Expires=Fri, 06-Oct-2023 18:52:04 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 18:52:04 GMT
last-modified: Thu, 06-Oct-2022 18:52:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/54239065/1?page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&hittoken=1665082324_e23371988d668845d1b36d5de64639a6a2a9246c3b07b3f8294377d6105f093d&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A919202221095%3Ahid%3A285924160%3Az%3A0%3Ai%3A20221006185204%3Aet%3A1665082324%3Ac%3A1%3Arn%3A533495771%3Arqn%3A2%3Au%3A166508232469975870%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3405%2C3405%2C2%2C%3Ans%3A1665082320770%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665082324&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/54239065/1?page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&hittoken=1665082324_e23371988d668845d1b36d5de64639a6a2a9246c3b07b3f8294377d6105f093d&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A919202221095%3Ahid%3A285924160%3Az%3A0%3Ai%3A20221006185204%3Aet%3A1665082324%3Ac%3A1%3Arn%3A533495771%3Arqn%3A2%3Au%3A166508232469975870%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3405%2C3405%2C2%2C%3Ans%3A1665082320770%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665082324&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/54239065/1?page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&hittoken=1665082324_e23371988d668845d1b36d5de64639a6a2a9246c3b07b3f8294377d6105f093d&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A919202221095%3Ahid%3A285924160%3Az%3A0%3Ai%3A20221006185204%3Aet%3A1665082324%3Ac%3A1%3Arn%3A533495771%3Arqn%3A2%3Au%3A166508232469975870%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3405%2C3405%2C2%2C%3Ans%3A1665082320770%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665082324&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 142
Origin: http://humadecure.gq
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 06 Oct 2022 18:52:04 GMT
access-control-allow-origin: http://humadecure.gq
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 18:52:04 GMT
last-modified: Thu, 06-Oct-2022 18:52:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
svntrk.com/assets/mqmq_633f23d162516.js
104.21.82.62200 OK 0 B URL HTTP/2 svntrk.com/assets/mqmq_633f23d162516.js
IP 104.21.82.62:0
GET /assets/mqmq_633f23d162516.js HTTP/1.1
Host: svntrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 18:52:02 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: svnimp=633f23d26bf17; path=/; secure; httponly; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCBSkPOitk3JTZgHkKD48KPDbYa%2BiG%2FrbEYI16sSBFARGl%2B1Gkp6bYaeu9uiyvph8H6xXF6AUL5tVmMtwKjE%2FCftxWMj3UYi4TdbUbBuMP8JW16WeOUNaAR2HF%2Bf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7560977dda210b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2