141.136.35.50/
141.136.35.50200 OK 4.4 kB IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (549)
Hash 33fef2b675f873df26d70d9f989395d7
6b20d85889d1eb96623fa607089916232894c6b6
3126d8be76289301638bb400fe3934c7c0c265b34a498e0802a071f184fee8e7
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
ETag: W/"4850-1YLAiQF7iWq9Bg+6FsEw/omiA8k-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4361
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 381442da2a14cb93770f4c8f6e19d35b
31c48467751e2450a63004c57eea0c7872023eaf
61b0985f47033bd7020ab3b8cdcbc6c17be6ab9b6feba69e006088b78e21c0f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B0985F47033BD7020AB3B8CDCBC6C17BE6AB9B6FEBA69E006088B78E21C0F0"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3829
Expires: Sat, 17 Dec 2022 14:30:58 GMT
Date: Sat, 17 Dec 2022 13:27:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae86164fd9297dfdc05d67d69284d70e
5e5f27e3fd492f715baa6820f05c0fafde4040b3
be20f6ae6a51d20611cb4d350b52a5d0a339af6722fe9b2482ef58826c1e9de0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE20F6AE6A51D20611CB4D350B52A5D0A339AF6722FE9B2482EF58826C1E9DE0"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12357
Expires: Sat, 17 Dec 2022 16:53:06 GMT
Date: Sat, 17 Dec 2022 13:27:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 17 Dec 2022 12:45:21 GMT
content-type: application/json
age: 2508
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8524
Expires: Sat, 17 Dec 2022 15:49:13 GMT
Date: Sat, 17 Dec 2022 13:27:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 01mGIn+8LXp58y3PH43hFqA9WvdUlyGuXgCmEKYaNGd7unXwMzveVLs8rNAFTUIwKI6/aHGzOt+v4N3p1DCHiA==
x-amz-request-id: 9RNTKSCDMZ3YBJA6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 17 Dec 2022 12:51:47 GMT
age: 2122
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
141.136.35.50/css/style.css
141.136.35.50200 OK 3.5 kB URL HTTP/1.1 141.136.35.50/css/style.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 31f555a8d3fc0fcf9d6e846a94077b15
1c62d328c3c3db2ed91189a5a70f0201196128ab
59420e6d15657165442d6df434c489862d7f45aa6f7381ccd6343eed24b6e1a5
Analyzer Verdict Alert quad9 Sinkholed
GET /css/style.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 02 Dec 2022 13:20:24 GMT
ETag: W/"3d8c-184d2fec9c0-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3503
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
cdnjs.cloudflare.com/ajax/libs/lightgallery-js/1.4.0/js/lightgallery.min.js
104.17.24.14200 OK 6.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/lightgallery-js/1.4.0/js/lightgallery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (25258)
Hash b10e40052eef5465e7a0f5e9fb899deb
603d5fdfa11eab58b6e74694cd8571e73862cad9
eba2933a501a6a410694ef0a6981956dc3fd23ed3fbf0cd1e81d1a21922d36cf
GET /ajax/libs/lightgallery-js/1.4.0/js/lightgallery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 6325
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f85ee4b-6349"
last-modified: Tue, 13 Oct 2020 18:13:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8088555
expires: Thu, 07 Dec 2023 13:27:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a00dSEw8lazOOVZjxTPb1rC%2FyDwAW09BHLgc3ot0PTGjjSbcPLO2aXNrRdGkxkP9j%2BBHnrj85nXKgkAzwaWKvnNFz%2BW9%2BzH1%2FOAqg%2BtU7wrWix%2FNMOyih3ee34SoCf15lcEae6l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77affe9dbecdfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lightgallery-js/1.4.0/css/lightgallery.min.css
104.17.24.14200 OK 3.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/lightgallery-js/1.4.0/css/lightgallery.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (20972), with no line terminators
Hash 8408478149d06b7243f8a5a8dbcfd023
89fef5084e5b015faccfe86004d1201ad00a7776
01eb0f2ca8937bec354d837f9190327842fb222582c80dc75c8141909aebf167
GET /ajax/libs/lightgallery-js/1.4.0/css/lightgallery.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: text/css; charset=utf-8
content-length: 3327
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f85ee4b-51ec"
last-modified: Tue, 13 Oct 2020 18:13:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9475826
expires: Thu, 07 Dec 2023 13:27:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErCcDUJRDlgTxWXYEkG2z5VhEQ1yWSgEaM6vii9%2BWOcQEeP3DyEXdMNPNAs%2BcL83C3ej8f7OeJS6vIjcKuTrpuhu2Cvguw8G2NP2k%2F26bHBDznyrB13Tzzmf7sYQyHtnMaPrYKtz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77affe9daec8fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.min.js
104.17.24.14200 OK 2.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (8152)
Hash 97c687af34ccd69fdfe48fbca70afec2
ab75720b2143215335378849e4f295a290d4d41f
748b1da138fb49f26c67ae1eaa8908da0b8c9625ad0ece81d704a7fb9a7d07b5
GET /ajax/libs/wow/1.1.2/wow.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 2346
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04033-1ff6"
last-modified: Mon, 04 May 2020 16:17:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2744497
expires: Thu, 07 Dec 2023 13:27:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3O2lNW%2Be3Ap20jz3XrTNpM0YNhfi9e1%2BMuC8vkn4KZdR3yMo80K%2BU7II43fum6Jz%2FKkcPHOj3fL81G%2FnB3lQv7beGlwq%2FLXKCDBXU9oxF4VnXDo%2Bc4dzqAXTVkLIy0NB9DdPBTyW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77affe9dbeccfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.1/animate.min.css
104.17.24.14200 OK 3.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.1/animate.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (52592)
Hash fec640dfea7dae770fd7e20015cb37ab
79937c653d3041059615436a9ae10e20f7165aea
62c012c712bf137d0ccf51ae1772ff4946a28ba14d826b6fb8e9418ca15e8d88
GET /ajax/libs/animate.css/3.5.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: text/css; charset=utf-8
content-length: 3281
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-ce35"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 415589
expires: Thu, 07 Dec 2023 13:27:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6cErZTAxGwTfJA%2Ft6s7J42%2Fx2M%2FVANg9dNAypxRLDSOz7feT5W8drDdwp1otfXQ4RSN05rqSg%2FsmGSfxQFYsVlFIF1DhMfDEVELT0sUwg6WiUiE2l6y8bpk8sMPnrSumz6n3PvY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77affe9daec9fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
104.17.24.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (59119)
Hash 14e1692fd4263ccfea0b84299bdbf1f5
7783020a9ced5f32c8d38205357c7d10798be1fd
8ff0cd2d1e7f0b6203a762fb9811256d4445a3ad0d97f07102e038ba0eb3db72
GET /ajax/libs/font-awesome/5.15.4/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: text/css; charset=utf-8
content-length: 10462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-28de"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6859295
expires: Thu, 07 Dec 2023 13:27:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzX2DRI42E8A6z%2BwSJ6Q2IlsooVTNMuBJbbGexTBpw3VEz0GKDyblYjy%2FgjjgxJ7pYY7Bhofr3XXqLFdCy3p%2FewveFt%2FuQaxgEK4CDGq6ll%2BG%2BAMmtOe0SC78LnmVSJ6zxC4mXoD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77affe9dbed6fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.2/css/font-awesome.min.css
104.17.24.14200 OK 5.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.2/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (28768)
Hash 0f243ae6d6da710c26886b9f56872964
3f8aaa2edfe4ceae8cbd975947d2b3cb728c38c5
4d7c9f54cfc8e1ebce198671a16b06da00570e0e66320220d059c23b333a72cb
GET /ajax/libs/font-awesome/4.6.2/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: text/css; charset=utf-8
content-length: 5291
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7103"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 19572507
expires: Thu, 07 Dec 2023 13:27:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FB7t0IaTLQuyABtTiLxtm8EaygGTNAg42PgxQtsVPhKYLDAJQl7LARoAyTUDna01UZR3hKaCW1Wbk5%2BXhUDiC0BOy5IypkvBTsMFC7TyoZWsCKTR1yD6Aw9slyG6OsnA%2F0BcJTc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77affe9daecbfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
104.17.24.14200 OK 19 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65317)
Hash 95d49e491b46f526854d624e40d8af76
5b145ab428cc484ecead4666e01cca7ce6b4dff4
f897fc168379623a0e92c3bb80ff02bc4742ccb555fb094e87dc9b60697a481c
GET /ajax/libs/font-awesome/6.2.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: text/css; charset=utf-8
content-length: 18688
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-4900"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2667626
expires: Thu, 07 Dec 2023 13:27:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxhTUEciBiE8QGpRTqkEIGkPrrgi19egoPuL1pROuZNqmZjmgW1gWUmRBbNI7A9kk%2FurU6hZjL7mWtUkpeE2Vm5FdOvs4IjLkoWCj8rmi%2BWhjESQouXkcxil4yJ8ebCO%2FTafsfss"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77affe9dbed8fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32014)
Hash b0a538eca8603c37c15e4ccd04500c57
f89f4099777ae63be4e09fee2b1227bc6874fd73
917decede324477626db7f615c8ee595556bafb7a875bdc9d3c3b1b94b345307
GET /ajax/libs/jquery/3.1.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 27198
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1514f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3871097
expires: Thu, 07 Dec 2023 13:27:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLoFA44HIULKvlI4w2O2tKobxYEfmXy8eDHAjyNpRrSfHMfLCqHEMo1j2i1YmBqnScQs8ISFxCouCdEwZiny%2FjrY3x%2BEZW26e1%2BKzQqaiz%2Bjnz6ucwL9gOxrlyXHVUbY2ZpRXIm1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77affe9dbedafab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/vue/2.0.1/vue.min.js
104.17.24.14200 OK 21 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/vue/2.0.1/vue.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32024)
Hash a47e057ccaa761adc39ca4653fd5ca03
fc9c55b7c8187b6fe9f14a1a54a784822c963083
c9aadb1ef728cc805151a580aabcc854f0fc80114f9f6b131ac15c617e544024
GET /ajax/libs/vue/2.0.1/vue.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 20907
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402c-f6e0"
last-modified: Mon, 04 May 2020 16:17:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 226342
expires: Thu, 07 Dec 2023 13:27:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UbK3hUn3erZ4oHW0%2Bb0E66uNn9dip6l8ZS7cgUwRsnvsrTSio94e%2FjlogkZ9FmiJIj3PdSorHKTfY1VQMZ%2BrRjyabp2QUy%2BuY%2F1B28dxnSMzzz15Z2RZ4BD8rRbin23FT5WAkf1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77affe9dcedefab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
141.136.35.50/css/contactus.css
141.136.35.50200 OK 836 B URL HTTP/1.1 141.136.35.50/css/contactus.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash fa7be4ccd470c85fcce415ddf908eb85
1bbc549f63a2bb4205e7f8334bbe0886683126ec
08ed7c452f4cdce6f328baeb50ed70601d3800412d76fb9fab77e2df58c2585f
Analyzer Verdict Alert quad9 Sinkholed
GET /css/contactus.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"8e3-1841e8f2b10-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 836
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
141.136.35.50/css/buttons.css
141.136.35.50200 OK 704 B URL HTTP/1.1 141.136.35.50/css/buttons.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash f9812d53cd8a0ebd8908dcdd93e01746
7571723b72dd2e922f321362d51b8d50d6e0cccc
751e3540c4f927930cd48c5e7c81363cfd8b9cc99d78c2cdb6daa37fea6aecaf
Analyzer Verdict Alert quad9 Sinkholed
GET /css/buttons.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 29 Nov 2022 11:34:28 GMT
ETag: W/"729-184c32ab9a0-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 704
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
141.136.35.50/css/stylemip.css
141.136.35.50200 OK 635 B URL HTTP/1.1 141.136.35.50/css/stylemip.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 4411fa5a88f2f78b8fd44f2cdf152a1e
18fae990d7f396c03dc74ef743df036f61561c43
4da404770727041097f5f7efc38d7cc079cf7fa73c90d9d05a6439be1234afbf
Analyzer Verdict Alert quad9 Sinkholed
GET /css/stylemip.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 30 Nov 2022 13:17:38 GMT
ETag: W/"969-184c8af8950-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 635
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
141.136.35.50/css/responsibility.css
141.136.35.50200 OK 791 B URL HTTP/1.1 141.136.35.50/css/responsibility.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
Hash e98b84cf6874eaf59e17d9bccfcfbddb
c6bb2e813a12bbdcef40093e21a8a3ebee7f858d
cb68f20c70728cd9a1be2aa7cc3e5332318c6a293824b3131473b2d169843ce1
Analyzer Verdict Alert quad9 Sinkholed
GET /css/responsibility.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:07:12 GMT
ETag: W/"97e-1847c425200-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 791
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
141.136.35.50/css/carousel_pc.css
141.136.35.50200 OK 1.3 kB URL HTTP/1.1 141.136.35.50/css/carousel_pc.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
Hash 6f41d43cacdfd7a5f0590c3f16201e6b
ae527e1ad4698f7a536506ef720f22897ae7ccd8
5696b479f6cec8c366e28d6f1a5d0f981f80ad6eaaa8b9a811bae8f5264b3376
Analyzer Verdict Alert quad9 Sinkholed
GET /css/carousel_pc.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:06:28 GMT
ETag: W/"136d-1847c41a620-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1317
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
141.136.35.50/css/incentives.css
141.136.35.50200 OK 946 B URL HTTP/1.1 141.136.35.50/css/incentives.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 905abeb9e4e70b3560d81a9cb6a5b76c
c18298e78ce16fc29ef1a08b2e2301dbd609f756
97d843f6ccb70d0a8bc0865eb2895609a5b7d425637ba073e32c75a950a871b7
Analyzer Verdict Alert quad9 Sinkholed
GET /css/incentives.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"c1e-1841e8f2b10-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 946
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
code.jquery.com/jquery-2.2.4.min.js
69.16.175.42200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.2.4.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32065)
Hash 82885772205f23cd59e25a221521b059
96ed36f45544295f28df1ab251e7e38faceeff0e
8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
GET /jquery-2.2.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:09 GMT
content-encoding: gzip
content-length: 29811
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CL2j95wGEocBCiRkZjMyNWM0NC02MjUyLTQyMjgtYjAwOC0yNmVkNWQxNzEzMDQQ+OiCoKvU+wIaBgith/ecBiIMOTEuOTAuNDIuMTU0KLDCAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkOTIwZjM2YWYtZTFkZS00ZjA0LWE2M2EtYjQ5NjliMDM1M2I3GPPoASIYCAISFGNkczIxNC5zazEuaHdjZG4ubmV0.CTEnBOBCsnSR62xlfY28EKlB/pe1085NvsK4Tq7tAcY=
x-hw: 1671283629.dop216.sk1.t,1671283629.cds249.sk1.hn,1671283629.cds214.sk1.c
X-Firefox-Spdy: h2
141.136.35.50/js/script.js
141.136.35.50200 OK 424 B URL HTTP/1.1 141.136.35.50/js/script.js
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 4ff1394a680ad383d00c226e7f78fc24
5f77e48a3d62f015f7fcb7117552c988d50b667f
751826cf4d1a5de2d17d69a68ede36d883e59b4ee9680307002d9bebc3d1f049
Analyzer Verdict Alert quad9 Sinkholed
GET /js/script.js HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 28 Nov 2022 21:12:10 GMT
ETag: W/"49b-184c0154410-gzip"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 424
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
141.136.35.50/dist/carousel_mob.js
141.136.35.50200 OK 1.6 kB URL HTTP/1.1 141.136.35.50/dist/carousel_mob.js
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type Unicode text, UTF-8 text, with very long lines (359), with CRLF line terminators
Hash ac804209228128b556cfa78bec8524ff
dd9299cd84f695e14e0c0a89388767d8af001692
94e900b0fde43d35047eaed571bb10ab47d13922161ed3b0f57062d37b242e60
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/carousel_mob.js HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"16d8-1841e8f2b10-gzip"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1620
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
141.136.35.50/dist/carousel_pc.js
141.136.35.50200 OK 1.3 kB URL HTTP/1.1 141.136.35.50/dist/carousel_pc.js
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 5126c8ae1f18f1508e73a1beb61ab402
90082c43374929aa0e1c3b04a9a999079c6bb0a8
5f3847b1cbc5d3e318bb9f82bdff89b286ce8dfdedb71eb4b292aa969c93a9e5
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/carousel_pc.js HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"ecf-1841e8f2b10-gzip"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1256
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
141.136.35.50/dist/incentive.js
141.136.35.50200 OK 688 B URL HTTP/1.1 141.136.35.50/dist/incentive.js
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 5555aa2c11ff1a26ee89e9d24f524acc
c8c7e714c814fc0f1701244d7bd7c517c8fa687e
3565f84cddc108269473c388b90a99afb2ec7f400d896e17edd26b893a693066
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/incentive.js HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"754-1841e8f2b10-gzip"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 688
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
141.136.35.50/css/footer.css
141.136.35.50200 OK 820 B URL HTTP/1.1 141.136.35.50/css/footer.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 45aabe18434a13d9bd857a55aadf16a6
7666a713dbdcca278947b5bdf9e4327982129b4c
1b6f1272877d7cad39ae246cad9497605d3bf32adb9ebd05ceaad76a83c3b2ca
Analyzer Verdict Alert quad9 Sinkholed
GET /css/footer.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"987-1841e8f2b10-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 820
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
141.136.35.50/css/carousel_mobile.css
141.136.35.50200 OK 1.2 kB URL HTTP/1.1 141.136.35.50/css/carousel_mobile.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash ed51dbb095605ca717b323dfc041aee8
af06f2a7f99f634a9414667e8ecfd2ac3ba0d3c0
e86cd7b7f72d4b0afe7b8e7d26c532d1146c6fcf0187f8cf2496d658e6b64026
Analyzer Verdict Alert quad9 Sinkholed
GET /css/carousel_mobile.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:09 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"17eb-1841e8f2b10-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1242
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
unpkg.com/swiper@7.4.1/swiper-bundle.min.css
104.16.124.175200 OK 4.9 kB URL HTTP/2 unpkg.com/swiper@7.4.1/swiper-bundle.min.css
IP 104.16.124.175:0
File type ASCII text, with very long lines (15306)
Hash c07bfa7a6f4b71e763fb38591e685858
b240355bc2461527d4b9d116037965cbedef0497
3f5a4fd77b6f34f71d4c5f603cfe3dc0d4eaca6706ab9fe110648ed2f2846f69
GET /swiper@7.4.1/swiper-bundle.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://141.136.35.50/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"3ccb-5Koe10fACH1gYqRziowpfORPwas"
via: 1.1 fly.io
fly-request-id: 01GM9C7V3WN61FG7TJ5H4FSRB1-fra
cf-cache-status: HIT
age: 226519
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77affe9ed92ab4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 385bad1390edf4dc694548a3f7b16281
57536fa694ef8306c436a37dbfc2f82af2344120
e6ad8e17f7b82dc9b46e5e99a73b59fa284fa72cf737dada269da9cf856b7736
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unpkg.com/swiper@7/swiper-bundle.min.js
104.16.124.175302 Found 39 kB URL HTTP/2 unpkg.com/swiper@7/swiper-bundle.min.js
IP 104.16.124.175:0
Hash ccec738f8baf63b44c72d0f1f4461ba6
166d47fea83bcea7507ff784950f98130a7f4d38
5a89aeb87a8fb1b7752c23d62134c9d24df0ee35935fdf9b10fe7ca4f67462d7
GET /swiper@7/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /swiper@7.4.1/swiper-bundle.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GMG3QTPZRY0YPNTS9NZ3V85H-ams
cf-cache-status: HIT
age: 554
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77affe9dbff7b4eb-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b56a3548738502fa3cc2d975411a7900
e6584e903da8e7e6062fd14d0c927495f6819b83
8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b56a3548738502fa3cc2d975411a7900
e6584e903da8e7e6062fd14d0c927495f6819b83
8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 385bad1390edf4dc694548a3f7b16281
57536fa694ef8306c436a37dbfc2f82af2344120
e6ad8e17f7b82dc9b46e5e99a73b59fa284fa72cf737dada269da9cf856b7736
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
141.136.35.50/images/megalogotheme.png
141.136.35.50200 OK 26 kB URL HTTP/1.1 141.136.35.50/images/megalogotheme.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fa699ac0e71fc78e45a3ca389f93912
1a0f162fc437e8c7d51d534bcdb9e2139045ec0f
b4093d76f5e1e71c09642eef8cdf8bdf3a8b24344633fff93f0b4f25d25d3a9d
Analyzer Verdict Alert quad9 Sinkholed
GET /images/megalogotheme.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"6720-1841e8f2b10"
Content-Type: image/png
Content-Length: 26400
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
141.136.35.50/images/monum-4.jpeg
141.136.35.50200 OK 39 kB URL HTTP/1.1 141.136.35.50/images/monum-4.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 711x400, components 3\012- data
Hash e131d8e1b41d885516bbcf120023658c
197aa921b796d54fc0bb284f4341898d290f8418
4387234844bd8d517b3150736d489d8cc0857b5e095c4fcaeaa22293c14ef8e0
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-4.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:09:38 GMT
ETag: W/"96b3-1847c7b7ad0"
Content-Type: image/jpeg
Content-Length: 38579
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
141.136.35.50/images/monum2.png
141.136.35.50200 OK 88 kB URL HTTP/1.1 141.136.35.50/images/monum2.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 258 x 196, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ef3772748d0bdef72bf81b5dccfd905
da291760f4d7da69cd48e11988c492e3b779c4f6
5a57707ea9dbd1e3ce536edf162d0928200d61722f45c6607b127452d77803d6
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum2.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 29 Nov 2022 23:13:20 GMT
ETag: W/"1561b-184c5aa8e80"
Content-Type: image/png
Content-Length: 87579
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
141.136.35.50/images/monum%201.png
141.136.35.50200 OK 79 kB URL HTTP/1.1 141.136.35.50/images/monum%201.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 254 x 171, 8-bit/color RGBA, non-interlaced\012- data
Hash 49d6f66cb1a1142c5f34e969dd506259
c9031ab0992d4de023d62ec99a30590f48b6c635
5adb17570340c8c29e16b63c8f21d1b012ab1867d798074f9570929d66bd4a9e
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum%201.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 29 Nov 2022 23:13:24 GMT
ETag: W/"1359c-184c5aa9e20"
Content-Type: image/png
Content-Length: 79260
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
141.136.35.50/images/monum-2.jpeg
141.136.35.50200 OK 70 kB URL HTTP/1.1 141.136.35.50/images/monum-2.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 552x368, components 3\012- data
Hash 7348ee5fde2f1c459714e429b7e2ce2f
c7b202ae9dd9703aeedcdb81203c9693527c28cd
d237182f198eb94468829e2f22f55333533c3aa7f8f0d2c5792e7af88959da1c
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-2.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:06:30 GMT
ETag: W/"111fb-1847c789c70"
Content-Type: image/jpeg
Content-Length: 70139
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
141.136.35.50/images/monum-1.jpeg
141.136.35.50200 OK 98 kB URL HTTP/1.1 141.136.35.50/images/monum-1.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 683x512, components 3\012- data
Hash 0ff7048a52bdbc7b380fb2190ff298ca
10abe61b5791d34c78da6cc381efea1e3ff8e467
32572cf49f9dbe40c9c2bf0dce4446602e4f5f9ee2b1f939c968c334c82a6565
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-1.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:48:06 GMT
ETag: W/"17ee6-1847c67c3f0"
Content-Type: image/jpeg
Content-Length: 98022
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
141.136.35.50/images/img1.jpg
141.136.35.50200 OK 24 kB URL HTTP/1.1 141.136.35.50/images/img1.jpg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, baseline, precision 8, 248x186, components 3\012- data
Hash 1559da58863788808b24882234ac42d1
3bb67bcabc9a1364a6944e5aed05f759145ff609
2a191e644b0cf7622647a4f20bf51c7ac04c573591acacdbd89b62f0c2403bdb
Analyzer Verdict Alert quad9 Sinkholed
GET /images/img1.jpg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"5f50-1841e8f2b10"
Content-Type: image/jpeg
Content-Length: 24400
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
141.136.35.50/images/monum-14.jpg
141.136.35.50200 OK 29 kB URL HTTP/1.1 141.136.35.50/images/monum-14.jpg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 280x180, components 3\012- data
Hash 8b1d60c2b621d7d9b975e32274ffb13e
143c7e00bc56d8da00b09a69c0fa8f6e7d6afb6e
e79aa56b27fc59856ee4dcb05d27f4b3e61337f8c9c06e5fecea262088e034e9
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-14.jpg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"7183-1841e8f2b10"
Content-Type: image/jpeg
Content-Length: 29059
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
141.136.35.50/css/images/home-slide-2.jpeg
141.136.35.50404 Not Found 167 B URL HTTP/1.1 141.136.35.50/css/images/home-slide-2.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 48bf203198ffd6fd9347e860d0cd1f3d
dfb7e331120fbbae7b54f5f67ec81d900c44033a
edf2c5653f31759a4c40511d692bd76ce8246181b7ea620bfe0980edca0f06b3
Analyzer Verdict Alert quad9 Sinkholed
GET /css/images/home-slide-2.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/css/style.css
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Content-Length: 167
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
141.136.35.50/images/monum-3.jpeg
141.136.35.50200 OK 102 kB URL HTTP/1.1 141.136.35.50/images/monum-3.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x900, components 3\012- data
Size 102 kB (101632 bytes)
Hash 0e845db0a1158ee5c7e09894039ce933
7df98b1fe7c02164b5f2b17acff947064fce4f50
2ea3e47cdd7ed668c5b36027f00c1b096730acb72e029612bc6701d0cbec7c2e
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-3.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:10:12 GMT
ETag: W/"18d00-1847c7bffa0"
Content-Type: image/jpeg
Content-Length: 101632
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
fonts.googleapis.com/css2?family=Cookie&family=Oleo+Script+Swash+Caps&display=swap
142.250.74.106200 OK 100 kB URL HTTP/2 fonts.googleapis.com/css2?family=Cookie&family=Oleo+Script+Swash+Caps&display=swap
IP 142.250.74.106:0
Hash 394ec3e82705725e824d896a662f338c
7c4054e7fe9396a0688384d558cca3e1e8d991d9
96aa10765278f2e60392f2bb073d97683aec44d4007fe1f7eedd0cf7ab06f617
GET /css2?family=Cookie&family=Oleo+Script+Swash+Caps&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Dec 2022 13:27:09 GMT
date: Sat, 17 Dec 2022 13:27:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/34f9b71c/www-player.css
142.250.74.174200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/34f9b71c/www-player.css
IP 142.250.74.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 12c224a05a50ec216eb026a7ddd40dfa
5e7c6908c414efae1db8803dc3e0e768f4583b67
e9a2f274c08edbcc81e33d35dc28013c9c17672b6af0249b3dd3d21048963777
GET /s/player/34f9b71c/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7NoZcnkLOMc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49901
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 20:47:21 GMT
expires: Fri, 15 Dec 2023 20:47:21 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
content-type: text/css
age: 146389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
141.136.35.50/images/main_building.jpeg
141.136.35.50200 OK 94 kB URL HTTP/1.1 141.136.35.50/images/main_building.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 880x960, components 3\012- data
Hash 733e959ec5da2ff68b4a54a6580618d5
b650fcc4d578a8c9ddecc3869e1a919e5e54ba81
52952e5aac31371a6783fef5c986358be3d893490aa62a82af88a19b9d682fc4
Analyzer Verdict Alert quad9 Sinkholed
GET /images/main_building.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/css/carousel_pc.css
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:03:36 GMT
ETag: W/"16fc6-1847c75f4c0"
Content-Type: image/jpeg
Content-Length: 94150
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js
142.250.74.174200 OK 100 kB URL HTTP/2 www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (679)
Size 100 kB (100066 bytes)
Hash 71f27629899b17a15867576a3470929c
253f8b1c178d24bc0933d36a2451b520acc1f05f
bde45b222aa960dc72ccd7055d48de7fb1b5892a0e6ef3d4305458acc53be954
GET /s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7NoZcnkLOMc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 100066
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 19:34:35 GMT
expires: Fri, 15 Dec 2023 19:34:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
content-type: text/javascript
age: 150755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
141.136.35.50/images/monum-9.jpeg
141.136.35.50200 OK 87 kB URL HTTP/1.1 141.136.35.50/images/monum-9.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 683x512, components 3\012- data
Hash 9952e9824d4215cf3cb1c61fdf76c049
28a4fd60c1965f77d54d15fbe043fada102cf5d1
2d5fe6c73b03d8ae1ca8fa39b569ae242f06b81b4e6ce96756ff60057f95a254
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-9.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 26 Oct 2022 18:37:26 GMT
ETag: W/"15334-1841595be70"
Content-Type: image/jpeg
Content-Length: 86836
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
www.youtube.com/s/player/34f9b71c/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.174200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/34f9b71c/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.174:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/34f9b71c/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7NoZcnkLOMc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 19:34:37 GMT
expires: Fri, 15 Dec 2023 19:34:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
content-type: text/javascript
age: 150753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
141.136.35.50/images/monum-11.jpg
141.136.35.50200 OK 496 kB URL HTTP/1.1 141.136.35.50/images/monum-11.jpg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 4470x7130, components 3\012- data
Size 496 kB (496350 bytes)
Hash 2bf90604551a2f4744e48674452144b7
c2aef1a740807ac1ad0bb3d4b29741a3d70a7ad9
52924eb15211730909edc2e1606411159b5be36567f6548a4e69f79113aa1838
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-11.jpg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:50:52 GMT
ETag: W/"792de-1847c6a4c60"
Content-Type: image/jpeg
Content-Length: 496350
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:28:50 GMT
expires: Thu, 14 Dec 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 237500
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
104.17.24.14200 OK 150 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 150472, version 770.256\012- data
Size 150 kB (150472 bytes)
Hash 3e50e269ee627bb2279f91d18c085167
a7fca574d24e9ffa5ee0e0589ffe17277ae4ec27
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
GET /ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:10 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150472
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "630e6e62-24bc8"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1367962
expires: Thu, 07 Dec 2023 13:27:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Fg9HWc7abfk0nvWn5tfT4fnJjkVS83bDBr7rmp%2BxGS%2BRQo8RRNqrEvNKLaqwhrxLgvjDxpr8x61Hqq%2BSNHk5tSXKP7B5DZnVr46CvPbxu%2BIdpPlS4NFRYO%2FNjHhC%2BShlU%2B7AwLi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77affea1ad541c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oleoscriptswashcaps/v13/Noaj6Vb-w5SFbTTAsZP_7JkCS08K-jCzDn_HAX2kSA.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/oleoscriptswashcaps/v13/Noaj6Vb-w5SFbTTAsZP_7JkCS08K-jCzDn_HAX2kSA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14884, version 1.0\012- data
Hash 9dfaf68c0bfb63244091fe04ae924004
93080052cfa56b03dcfd2fcbe1ea4a741fc53c92
6b018583b0a540d476829c40b703ff77df0d215a6420791a4909fcdc053f75b3
GET /s/oleoscriptswashcaps/v13/Noaj6Vb-w5SFbTTAsZP_7JkCS08K-jCzDn_HAX2kSA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 16:38:56 GMT
expires: Wed, 13 Dec 2023 16:38:56 GMT
cache-control: public, max-age=31536000
age: 334094
last-modified: Mon, 09 May 2022 18:45:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 20:09:28 GMT
expires: Thu, 14 Dec 2023 20:09:28 GMT
cache-control: public, max-age=31536000
age: 235062
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cookie/v17/syky-y18lb0tSbf9kgqS.woff2
216.58.207.227200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/cookie/v17/syky-y18lb0tSbf9kgqS.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14456, version 1.0\012- data
Hash 7a93cfe157bf03fdac08d381c241b458
6c502bd8dd6045e41c80b6de80341760a83130a3
4e8b3c170321fd6a38ad24b7df1aebf59b19d9f07fada7beef10f7e5664b13f9
GET /s/cookie/v17/syky-y18lb0tSbf9kgqS.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:31 GMT
expires: Sat, 16 Dec 2023 13:33:31 GMT
cache-control: public, max-age=31536000
age: 86019
last-modified: Thu, 21 Apr 2022 16:46:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b56a3548738502fa3cc2d975411a7900
e6584e903da8e7e6062fd14d0c927495f6819b83
8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:11 GMT
expires: Sat, 16 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
age: 86039
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
141.136.35.50/images/incentives-6.png
141.136.35.50200 OK 55 kB URL HTTP/1.1 141.136.35.50/images/incentives-6.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 240 x 380, 8-bit colormap, non-interlaced\012- data
Hash 82564d35d8d87fb22a765861b5ed0b5b
7ebc97abffda94d210d2b7722232132e6253fb45
7bbbacd850f5c349cfa81c8f1b9876632300714666378bfa344de0fb6552bffe
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-6.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:03:08 GMT
ETag: W/"d6ae-1847c758760"
Content-Type: image/png
Content-Length: 54958
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
141.136.35.50/images/incentives-4.png
141.136.35.50200 OK 44 kB URL HTTP/1.1 141.136.35.50/images/incentives-4.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 240 x 355, 8-bit colormap, non-interlaced\012- data
Hash c131f3874ec69ea91997639b10e46790
941ea5d110f1828b61aab1c866428b6993d573b2
600e9a995a6a67b653141f38e9414814b900a2c212534d83d78ce1aeea84ede4
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-4.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:01:38 GMT
ETag: W/"ab38-1847c7427d0"
Content-Type: image/png
Content-Length: 43832
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:11 GMT
expires: Sat, 16 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
age: 86039
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
141.136.35.50/images/incentives-2.png
141.136.35.50200 OK 35 kB URL HTTP/1.1 141.136.35.50/images/incentives-2.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 240 x 320, 8-bit colormap, non-interlaced\012- data
Hash 9f5d573de8c57314827ca3fbb7564374
3e4407e36ed76f799683aca1a6b7f2155568af2f
6feef422af34e5ea932193af055f10a0ab6f81637e32e6f4d3e01ec78fdcbc5e
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-2.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:59:20 GMT
ETag: W/"874a-1847c720cc0"
Content-Type: image/png
Content-Length: 34634
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
141.136.35.50/images/incentives-1.png
141.136.35.50200 OK 32 kB URL HTTP/1.1 141.136.35.50/images/incentives-1.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 240 x 320, 8-bit colormap, non-interlaced\012- data
Hash a47842845ef2f17814c4536819953052
b18a5be8a0721c684c947e89d2b3ee563eddfc24
43b5a7e806f5fa6e780a0f34c9d6a7cc96b32ddd17bcd6427c6a8f963716af82
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-1.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:58:30 GMT
ETag: W/"7eba-1847c714970"
Content-Type: image/png
Content-Length: 32442
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
141.136.35.50/images/incentives-3.png
141.136.35.50200 OK 44 kB URL HTTP/1.1 141.136.35.50/images/incentives-3.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 242 x 320, 8-bit colormap, non-interlaced\012- data
Hash 54d43dc9cd616601ab0517eaebc17a33
dcc8a4bf16768fa3f7d9d3c01ee41011446c012b
b57dcddefde471d8509b36ec813990fe36d226b7e838d190abb27c7904f0119f
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-3.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:59:46 GMT
ETag: W/"aaaf-1847c727250"
Content-Type: image/png
Content-Length: 43695
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 17 Dec 2022 13:08:00 GMT
age: 1150
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
141.136.35.50/images/incentives-5.png
141.136.35.50200 OK 32 kB URL HTTP/1.1 141.136.35.50/images/incentives-5.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 262 x 320, 8-bit colormap, non-interlaced\012- data
Hash 7e296e4bc7916074178f6789607c7a79
98e44b718123677dd18eb4397233fcdba6fa67db
2a38bf5880569c63e02d5b03f520f6dee662c2808e593e284446e66a6a75e2d6
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-5.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:02:44 GMT
ETag: W/"7c00-1847c7529a0"
Content-Type: image/png
Content-Length: 31744
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d1752cd6eb7f48e7494373911a5b996
43d9c23c4d03cccce0fc478f0e12c0874dc762fd
aded7fd1d638c001b0b462fdfeee0549d2ed61b51ced88eb83690e2e20ed36d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3266
Cache-Control: max-age=160447
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Etag: "639d86ab-1d7"
Expires: Mon, 19 Dec 2022 10:01:17 GMT
Last-Modified: Sat, 17 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.82.246.186101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.246.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: riP1Q4/RKMMsbF4PiyfPdQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ruTqvT9iLq9OrCc3f++NDpfHO/w=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a9d455468a5e3f8b30c654fb21626252
b5b65eb57411f9bf660e455ee317abd6350d9aa2
c05be3db932af572f5b89e2da586008fd98f18f58b4c0977e5d2ad5c40f1dd79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Dec 2022 13:21:04 GMT
expires: Sat, 17 Dec 2022 13:36:04 GMT
cache-control: public, max-age=900
age: 366
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.194302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 17 Dec 2022 13:27:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.194302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 17 Dec 2022 13:27:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a9d455468a5e3f8b30c654fb21626252
b5b65eb57411f9bf660e455ee317abd6350d9aa2
c05be3db932af572f5b89e2da586008fd98f18f58b4c0977e5d2ad5c40f1dd79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:27:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 17 Dec 2022 13:27:11 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 9b1385402aa5235c31f12bc4d78c0d1a
fcc658317bfb8f13fd4ff1a5b30bf24ecd5f10dd
f9dcccbb42b3569e05682e499d86f3221d8e2ecd54d9fbc54174bb621507831b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 17 Dec 2022 13:27:11 GMT
server: ESF
cache-control: private
content-length: 30963
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 193d4cc97158955d61712f1fabeb333d
d334b15afd924e3f3d7d9a4498ad40a6c785608e
dad3e08ec6f940cc852da0d207a394225b47e2d0b641e8916f96735e989aa3c9
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 17 Dec 2022 13:27:11 GMT
server: ESF
cache-control: private
content-length: 30975
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 17 Dec 2022 13:27:11 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 109 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ae3333be3dcc269779b951d1795a8d79
dbb3bc549cf497dda5317663fe4ba37283a5b85b
be85751918decb529fa859ea321027bb4974d2f1b04df20cfa616c83c310b0ca
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1343
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 17 Dec 2022 13:27:11 GMT
server: ESF
cache-control: private
content-length: 109
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 94e41b46f316ff95e26f594cdd18f2cf
5371b9e08987dbf95181404579c7e5964bd40c44
7c854f294afea5b6b50921224f6a7796221a253b9cde9ef4abb7fab3e5c2d1fd
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1351
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 17 Dec 2022 13:27:11 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 33606022f0dfd655c47f94907d61a23c
a340f4af605f0ee7192e2aa1f708087a0faa0df0
3f804c796ab019900600900a263953dcbec8775437d1fbb056ce8d500057cea6
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 17 Dec 2022 13:27:11 GMT
server: ESF
cache-control: private
content-length: 30889
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f37f67d806b00cbf23b1230c9124b1a6
76241039614bd4446ffe75fe66b254a2fc764923
fbb1ac766a24ef1fa000c1daf1b4161430bf7b7db513ccbd00949977ce0688b3
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1343
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 17 Dec 2022 13:27:11 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9637
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 13:27:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9637
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 13:27:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9637
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 13:27:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9637
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 13:27:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86be9c16e4a62785e7f3a0cc8a956143
6cac191c918ff47d3e66e327e8c8a9c0fec9a88b
81dfec15eb1dc19acae5071663b9deaa9fa11f00378e36871c5b31a548a0626b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8002
x-amzn-requestid: bcaeff23-947f-441a-8aea-1e0d54f2cc3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjD7GjdoAMFVIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce54c-5fb0d9d76945c4f63d210806;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lTaL4VGiiP30sAgykA1UmFV6qxCbS_3Aa5mXbKTwkG6deggokEkZFw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 22:01:03 GMT
age: 55568
etag: "6cac191c918ff47d3e66e327e8c8a9c0fec9a88b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ac90a-c2c5-496b-b25c-c63f50725d46.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ac90a-c2c5-496b-b25c-c63f50725d46.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f07a84becb488cb02572fe128497847b
980c7c7808e8df6ba78b8f2567640b7d8f8e05a1
586d4afd9c889128c22ba61144df743d70a65b7b75b07a96f2cda821db1503af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ac90a-c2c5-496b-b25c-c63f50725d46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3694
x-amzn-requestid: 49e877d8-c2cd-4497-8658-385caa25a6ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEbHJNIAMF8Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce54f-0c9c4b5d18502bdd5b3c9be9;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P_b17hLfntWIkfYHVfgiAvNgG0iZKOqFGLn8Tm56gD8E4NY9ftPYiQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 56812
etag: "980c7c7808e8df6ba78b8f2567640b7d8f8e05a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c3454ef9b4c0d31eecf53e44471cecb
f1182e860380b637388fa7f90c36e0a8c9edd657
c474493452d48121f0050efdd197231909d3c9de0fccbe07bf5706162b848624
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7048
x-amzn-requestid: d2665a61-0c5f-429e-bd9c-f4c6aec4fe14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEvH6VIAMFd2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce551-65d1775b5f07d8bf10beae48;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OJNyzGWhcttjEcjKD669XnGbW8WYV_WzKlei6kkoRjgFR2jAhMRBwQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:49:11 GMT
age: 56280
etag: "f1182e860380b637388fa7f90c36e0a8c9edd657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fae5a52ce167de2a060dc814a744e98
4b108a79a4ad796a34f4b2b8950df907137680e3
61e1fe4a8c074a031e0628ca393449e42d70dcf3411481936c26c1fad7a5451b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9837
x-amzn-requestid: 7c104466-a4d8-4e03-94e6-79a18bd3bf54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjWiEMlIAMFaaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce5c3-4b0e776f4f0edd533795a6ee;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:40:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XlYdfi_9fWjFtw83t9kvwNEzkpJSpsCtlZS3RLmUkk6FZqzVDvaIOg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 22:00:56 GMT
age: 55575
etag: "4b108a79a4ad796a34f4b2b8950df907137680e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fdbd1e175352e7ec7dc2a25f04a5a9d
954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2
bdba0c3d4509764e87db688c1b8086c309f4a2cbe95d1f2130ce01d184f2fa17
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 5d9871d6-1512-4ffa-8b85-3c4c7595b723
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEj3XGsxoAMFxIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639819c8-7a65df352cc4e71e5aa518f8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 06:20:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _2xwG3Jz7sG9b8-JqXhu2knuIO_AyHIjOQ2luKB9Tk9NZnFNv8b8iQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 22:01:03 GMT
age: 55568
etag: "954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dce7a87ac0852f838007018af2e83cb5
379f7844a18284958ec0250cc45f2c91ac1ddfcf
31a5191700b9d5c2e471c0e6db15d43f1804b61c6a0867340e8001c32a0dabb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: f8f1832c-4269-4c4b-83c0-4c2d8c2fdd8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7GLSIAMFd4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-4c54f9704a32da245a90ab0d;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CrmrekFQeOTjAkIBgbGSNGN66ysdrtGK1uuzJV-b6nB1WFrOrtf1OA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 56812
etag: "379f7844a18284958ec0250cc45f2c91ac1ddfcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/embed/7NoZcnkLOMc
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/7NoZcnkLOMc
IP 142.250.74.174:0
GET /embed/7NoZcnkLOMc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 17 Dec 2022 13:27:10 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=wUDvlZYSDlQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=bswFG_s6-E0; Domain=.youtube.com; Expires=Thu, 15-Jun-2023 13:27:10 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+789; expires=Mon, 16-Dec-2024 13:27:10 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/swiper@7/swiper-bundle.min.css
104.16.124.175302 Found 0 B URL HTTP/2 unpkg.com/swiper@7/swiper-bundle.min.css
IP 104.16.124.175:0
GET /swiper@7/swiper-bundle.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 17 Dec 2022 13:27:09 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /swiper@7.4.1/swiper-bundle.min.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GMG41DW19DYZDB0ZPA37VWB3-ams
cf-cache-status: HIT
age: 239
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77affe9dbff5b4eb-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600&display=swap
IP 142.250.74.106:0
GET /css2?family=Poppins:wght@100;200;300;400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Dec 2022 13:27:09 GMT
date: Sat, 17 Dec 2022 13:27:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Audiowide&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Audiowide&display=swap
IP 142.250.74.106:0
GET /css2?family=Audiowide&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Dec 2022 13:27:09 GMT
date: Sat, 17 Dec 2022 13:27:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
141.136.35.50/images/headerbg.gif
141.136.35.50200 OK 0 B URL HTTP/1.1 141.136.35.50/images/headerbg.gif
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
Analyzer Verdict Alert quad9 Sinkholed
GET /images/headerbg.gif HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 13:27:10 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 28 Nov 2022 20:10:44 GMT
ETag: W/"227dc9-184bfdd05a0"
Content-Type: image/gif
Content-Length: 2260425
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-brands-400.woff2
104.17.24.14200 OK 0 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-brands-400.woff2
IP 104.17.24.14:0
GET /ajax/libs/font-awesome/6.2.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:27:10 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 107460
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "630e6e62-1a3c4"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2660950
expires: Thu, 07 Dec 2023 13:27:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2sIixDIg9%2FN4evDWljRa%2BKmiPDDGfkh3OHZg1gZm54KVLpYclimkWa4zWiyl9d%2FQdAk57dLwc35c7ZeushPyac%2B2P38aoBUgZwVhYYDHhmXn5HKP39IMMtTpi%2FThK3xhEPlqZTO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77affea1ad571c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/swiper@7/swiper-bundle.min.js
104.16.124.175302 Found 0 B URL HTTP/2 unpkg.com/swiper@7/swiper-bundle.min.js
IP 104.16.124.175:0
GET /swiper@7/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 17 Dec 2022 13:27:10 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /swiper@7.4.1/swiper-bundle.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GMG3QTPZRY0YPNTS9NZ3V85H-ams
cf-cache-status: HIT
age: 555
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77affea04a88b4eb-OSL
X-Firefox-Spdy: h2
www.youtube.com/embed/7NoZcnkLOMc
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/7NoZcnkLOMc
IP 142.250.74.174:0
GET /embed/7NoZcnkLOMc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 17 Dec 2022 13:27:10 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=kD8GbFSJwOA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=KSgh6M0ymvM; Domain=.youtube.com; Expires=Thu, 15-Jun-2023 13:27:10 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+134; expires=Mon, 16-Dec-2024 13:27:10 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/34f9b71c/player_ias.vflset/en_US/base.js
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/s/player/34f9b71c/player_ias.vflset/en_US/base.js
IP 142.250.74.174:0
GET /s/player/34f9b71c/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7NoZcnkLOMc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 599622
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 19:35:13 GMT
expires: Fri, 15 Dec 2023 19:35:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
content-type: text/javascript
age: 150717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2