| gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN | 173.0.146.169 | 200 OK | 18 kB |
URL User Request GET HTTP/1.1gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN IP173.0.146.169:443
CertificateIssuerLet's Encrypt Subjectgwensimar.top Fingerprint76:2C:D2:5E:4D:68:3A:13:B9:D7:43:55:8A:6B:1A:CC:60:5C:EE:D1 ValidityThu, 18 Apr 2024 23:01:38 GMT - Wed, 17 Jul 2024 23:01:37 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (37126) Hash239676e60f3a56cc9d6f48de2c857dc3 cd9160f5f27c7237a11fccb8802fb4f7fb95ed05 e5ab2c31b89f85d30e6eeb6801f61fcfc6cbbb884c2cad639c2044d4f91d17c2
GET /c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN HTTP/1.1
Host: gwensimar.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 20:39:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 04-May-2024 20:39:03 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 04-May-2024 20:39:03 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| poachfelonry.top/s/b5/35/b5358de0a5bd88caea2b7ad8e97d4a43.png | 51.89.192.129 | 200 OK | 12 kB |
URL GET HTTP/1.1poachfelonry.top/s/b5/35/b5358de0a5bd88caea2b7ad8e97d4a43.png IP51.89.192.129:443
Requested byhttps://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN CertificateIssuerLet's Encrypt Subjectpoachfelonry.top Fingerprint73:8C:EC:50:E1:57:4A:90:86:49:32:43:E4:7B:AF:0D:68:BE:29:E6 ValidityThu, 11 Apr 2024 04:07:16 GMT - Wed, 10 Jul 2024 04:07:15 GMT
File typePNG image data, 267 x 138, 8-bit colormap, non-interlaced Hashb5358de0a5bd88caea2b7ad8e97d4a43 b9663e18ab0ea03d5e9b8d3a2dbcd6f300c2b995 15cee2b7b5dfa5e9b19dafcd3273a17d25d2c120a5acba055d1cc36f43253276
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /s/b5/35/b5358de0a5bd88caea2b7ad8e97d4a43.png HTTP/1.1
Host: poachfelonry.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwensimar.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 20:39:04 GMT
Content-Type: image/png
Content-Length: 12063
Last-Modified: Thu, 22 Oct 2020 18:37:15 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5f91d15b-2f1f"
Expires: Mon, 13 May 2024 20:39:04 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
|
|
| poachfelonry.top/s/58/ea/58eabfd425ab5128deb54f2b53bef9a3.jpg | 51.89.192.129 | 200 OK | 23 kB |
URL GET HTTP/1.1poachfelonry.top/s/58/ea/58eabfd425ab5128deb54f2b53bef9a3.jpg IP51.89.192.129:443
Requested byhttps://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN CertificateIssuerLet's Encrypt Subjectpoachfelonry.top Fingerprint73:8C:EC:50:E1:57:4A:90:86:49:32:43:E4:7B:AF:0D:68:BE:29:E6 ValidityThu, 11 Apr 2024 04:07:16 GMT - Wed, 10 Jul 2024 04:07:15 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=154, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=644], progressive, precision 8, 514x154, components 3 Hash58eabfd425ab5128deb54f2b53bef9a3 a512e930211ec13af9e0e5695a172c1823ff7ca9 9f8ff2540e48ff8ba0aea68adc7a212b578c2ebe669c01c9084e0bc44e79812f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /s/58/ea/58eabfd425ab5128deb54f2b53bef9a3.jpg HTTP/1.1
Host: poachfelonry.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwensimar.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 20:39:04 GMT
Content-Type: image/jpeg
Content-Length: 23128
Last-Modified: Thu, 22 Oct 2020 14:27:42 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5f9196de-5a58"
Expires: Mon, 13 May 2024 20:39:04 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
|
|
| poachfelonry.top/s/46/a6/46a6c2c9ce4f1abe0a9aa2a4a944d7fe.jpg | 51.89.192.129 | 200 OK | 18 kB |
URL GET HTTP/1.1poachfelonry.top/s/46/a6/46a6c2c9ce4f1abe0a9aa2a4a944d7fe.jpg IP51.89.192.129:443
Requested byhttps://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN CertificateIssuerLet's Encrypt Subjectpoachfelonry.top Fingerprint73:8C:EC:50:E1:57:4A:90:86:49:32:43:E4:7B:AF:0D:68:BE:29:E6 ValidityThu, 11 Apr 2024 04:07:16 GMT - Wed, 10 Jul 2024 04:07:15 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=112, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=543], progressive, precision 8, 340x112, components 3 Hash46a6c2c9ce4f1abe0a9aa2a4a944d7fe 1b14f0acc64ce15c45e2352f97e366a4896dd820 6f4aa8601356bb1ec79345bb218c99b43351920dcc1c323ad3b844a96cd56b9c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /s/46/a6/46a6c2c9ce4f1abe0a9aa2a4a944d7fe.jpg HTTP/1.1
Host: poachfelonry.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwensimar.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 20:39:04 GMT
Content-Type: image/jpeg
Content-Length: 17935
Last-Modified: Thu, 22 Oct 2020 14:18:48 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5f9194c8-460f"
Expires: Mon, 13 May 2024 20:39:04 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes
|
|
| amineswees.top/ | 188.42.247.220 | 404 Not Found | 20 B |
IP188.42.247.220:443
Requested byhttps://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN CertificateIssuerLet's Encrypt Subjectamineswees.top Fingerprint49:74:0B:1D:35:81:E3:08:67:E3:03:10:C0:01:12:18:E8:33:61:8B ValidityMon, 25 Mar 2024 23:43:57 GMT - Sun, 23 Jun 2024 23:43:56 GMT
File typegzip compressed data, from Unix Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET / HTTP/1.1
Host: amineswees.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gwensimar.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 May 2024 20:39:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Content-Encoding: gzip
Vary: Accept-Encoding
|
|
| swapsprediet.top/cuid/?f=https%3A%2F%2Fgwensimar.top | 23.109.170.167 | 200 OK | 0 B |
URL POST HTTP/1.1swapsprediet.top/cuid/?f=https%3A%2F%2Fgwensimar.top IP23.109.170.167:443
Requested byhttps://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN CertificateIssuerLet's Encrypt Subjectswapsprediet.top Fingerprint8F:9C:DC:F5:73:1D:A7:22:85:1E:BB:04:8E:8F:71:2C:C4:CF:85:41 ValidityTue, 30 Apr 2024 02:44:45 GMT - Mon, 29 Jul 2024 02:44:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /cuid/?f=https%3A%2F%2Fgwensimar.top HTTP/1.1
Host: swapsprediet.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://gwensimar.top/
Origin: https://gwensimar.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 20:39:04 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gwensimar.top
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| swapsprediet.top/cuid/?f=https%3A%2F%2Fgwensimar.top | 23.109.170.167 | 200 OK | 32 B |
URL POST HTTP/1.1swapsprediet.top/cuid/?f=https%3A%2F%2Fgwensimar.top IP23.109.170.167:443
Requested byhttps://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN CertificateIssuerLet's Encrypt Subjectswapsprediet.top Fingerprint8F:9C:DC:F5:73:1D:A7:22:85:1E:BB:04:8E:8F:71:2C:C4:CF:85:41 ValidityTue, 30 Apr 2024 02:44:45 GMT - Mon, 29 Jul 2024 02:44:44 GMT
Hash831a19f78a070d24d83662b815a0005a 6aa350447b7bdacea2a041e60a6d68e754ff9d0c 25849379f8405f738aa005d4bba1c392e292fd18b43a6a6f5866ef5016fde5f3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cuid/?f=https%3A%2F%2Fgwensimar.top HTTP/1.1
Host: swapsprediet.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gwensimar.top/
Content-Type: application/json
Content-Length: 10
Origin: https://gwensimar.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 20:39:04 GMT
Content-Type: application/json
Content-Length: 32
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gwensimar.top
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: a97fa794a0f9=67cb92d4a322b957a5b0ff; expires=Mon, 18 Sep 2051 21:07:44 GMT; domain=swapsprediet.top; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gwensimar.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 151444
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gwensimar.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 151444
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gwensimar.top/favicon.ico | 173.0.146.169 | 200 OK | 1.4 kB |
URL GET HTTP/1.1gwensimar.top/favicon.ico IP173.0.146.169:443
Requested byhttps://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN CertificateIssuerLet's Encrypt Subjectgwensimar.top Fingerprint76:2C:D2:5E:4D:68:3A:13:B9:D7:43:55:8A:6B:1A:CC:60:5C:EE:D1 ValidityThu, 18 Apr 2024 23:01:38 GMT - Wed, 17 Jul 2024 23:01:37 GMT
File typeMS Windows icon resource - 1 icon, 16x16 Hash011201ab56695ce86ea2f190bce2670b bb8fad6accf293e619360935047c23f00da3c769 a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e
GET /favicon.ico HTTP/1.1
Host: gwensimar.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN
Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 20:39:04 GMT
Content-Type: application/octet-stream
Content-Length: 1406
Last-Modified: Fri, 03 May 2024 15:30:55 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "6635032f-57e"
Expires: Sat, 04 May 2024 20:39:04 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
|
|
| fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap | 142.250.74.106 | 200 OK | 8.1 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap IP142.250.74.106:443
Requested byhttps://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hashf3a8b2112076000f6c2e425f54103820 6676989bdb782ce4d5c5cfe5e94860313ea6b580 7c7e06e1077503b5af6d5549a8fc1fd4c2e2b1f829c41f9833879c4ea7ca8dec
GET /css2?family=Open+Sans:wght@300;400;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwensimar.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 May 2024 20:39:04 GMT
date: Fri, 03 May 2024 20:39:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| amineswees.top/MszDdpfE7*3f_io884M0vMwlFOBTWM*FDbCD3P*kfHbbvaBfEoZe3uiPaYG0Gur2IFIwcpzrDH1McSatVjMz3eNf_zZS3LAZf3OTBhtxXDrOzFuXILeMaJxZ9MxLb*NrhoHNSxdgWEcjdE7Dm6mbqxvBJypvXU*TL4UD8L8Dmu2jv8ZPKO7dsUZhDs7HHVxylTp1B7K9mq3fzb7zg8bBLFdozUTd2uE78rcct*PiOQwgR2hS3iT4 | 188.42.247.220 | 200 OK | 20 B |
URL GET HTTP/1.1amineswees.top/MszDdpfE7*3f_io884M0vMwlFOBTWM*FDbCD3P*kfHbbvaBfEoZe3uiPaYG0Gur2IFIwcpzrDH1McSatVjMz3eNf_zZS3LAZf3OTBhtxXDrOzFuXILeMaJxZ9MxLb*NrhoHNSxdgWEcjdE7Dm6mbqxvBJypvXU*TL4UD8L8Dmu2jv8ZPKO7dsUZhDs7HHVxylTp1B7K9mq3fzb7zg8bBLFdozUTd2uE78rcct*PiOQwgR2hS3iT4 IP188.42.247.220:443
Requested byhttps://gwensimar.top/c2CLrEofSrArDT5XnUyYUzlgoN4LBq7BeEOECroZWOPLvZNMB8FebS5wlj1lpiq5jBBzi4GXTVfPcXZcpIdYP4oEWwVuIqEk47RbmVs8uRbimbiW9JXkwRwepkduSN_HovDPWjifprPCbWnDpWTxHgPtwDXP4LlQPmfUYyplpT9gtz2JWt2y5JEXPymUS*Ls2S8f3DERI*L*hA2GZLobpxwWBJwcKyWNWpCWJ*nGq_BBuWcJqG*xZe5xpTZ5YlK8xgZrlxeKXYSSMt5*0Xiy0Ts4RcHrEMxRYX182vMytkDPf7mmlv2lv3BJqTh18t8E6x8OsPjXTFR3Z1UDl*i3cGQktk7Ai94FNtl*MyQNMwrQ2ZQ*vFzPnDcE9vDsWlibnGcG*kPNdLw2zgkbJCAcs4Ia9wIRlu5vxYETi9aVnGlvgBzP4RWNTmWr2gRDrNTOkjbRY7UDCyoFHnqoMJTo26B4sKYyemmxp7wgV9gbo3c0*YURQfi2I9dv22iro7vuXSMCwuYdODmJ0*tuGarm8Aevg33PSO84p8CAHxTm_msee0xcHERKR5z0BV8eqmGYqN*Pi*hlFv47avZWRR29HRk986hOEoeY2iI80uSYJTZnXvjNMbGpNSy9pd27pyPclJ1xUs30HPMapCMIllvG2C4d5yi7ySyH9IfrVi_BEpmKydFJ6HUH95iNj4UQdgEPuOiAMtw_mFf7*MC6UX2CZRKz8F9vTBuu4sGnwiGtGvSogG9F9kliHzNavBivmbW0p_SIjtO9UxffzXVLPABB0bmykA0_iC71Ax*6Qjl_l_jh8HUPSNUTLmYr7buCegw062rBgiWJr*eXQFMG3X2wHwEsLFtMGuN CertificateIssuerLet's Encrypt Subjectamineswees.top Fingerprint49:74:0B:1D:35:81:E3:08:67:E3:03:10:C0:01:12:18:E8:33:61:8B ValidityMon, 25 Mar 2024 23:43:57 GMT - Sun, 23 Jun 2024 23:43:56 GMT
File typegzip compressed data, from Unix Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /MszDdpfE7*3f_io884M0vMwlFOBTWM*FDbCD3P*kfHbbvaBfEoZe3uiPaYG0Gur2IFIwcpzrDH1McSatVjMz3eNf_zZS3LAZf3OTBhtxXDrOzFuXILeMaJxZ9MxLb*NrhoHNSxdgWEcjdE7Dm6mbqxvBJypvXU*TL4UD8L8Dmu2jv8ZPKO7dsUZhDs7HHVxylTp1B7K9mq3fzb7zg8bBLFdozUTd2uE78rcct*PiOQwgR2hS3iT4 HTTP/1.1
Host: amineswees.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gwensimar.top/
Origin: https://gwensimar.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 20:39:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gwensimar.top
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 04-May-2024 20:39:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 04-May-2024 20:39:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
vpgd2c213b48e=1714768743.5841; expires=Sat, 04-May-2024 20:39:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|