cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
47.246.44.209 301 Moved Permanently 262 B URL HTTP/1.1 cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887
Analyzer Verdict Alert quad9 Sinkholed
GET /login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sun, 04 Dec 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Via: cache8.se1[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9c16701228150968210e
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8099
Expires: Sun, 04 Dec 2022 05:15:14 GMT
Date: Sun, 04 Dec 2022 03:00:15 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4091
Cache-Control: max-age=117548
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:15 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:39:23 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7693
Expires: Sun, 04 Dec 2022 05:08:28 GMT
Date: Sun, 04 Dec 2022 03:00:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 02:20:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2413
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kumnunDAFQhf46uRxE8glvpG6yCcymhKsohgt98fHxgWyENuzlXTDyv0BYS2tA06ninwvznwk5c=
x-amz-request-id: YPR4FARR0RVYJP3Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 02:46:48 GMT
age: 807
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 142545664fea0a43ce1a1ba8ae855fad
734946e19b1007ced374861e7bbecc1cc4aa63b3
7a35aff0e6a7b4c3061b118f91dac5ccbcdb1cb40cb4d59790ef4c4f3f9c087a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1692
Cache-Control: max-age=165513
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:15 GMT
Etag: "638bea2c-1d7"
Expires: Tue, 06 Dec 2022 00:58:48 GMT
Last-Modified: Sun, 04 Dec 2022 00:30:36 GMT
Server: ECS (amb/6B72)
X-Cache: HIT
Content-Length: 471
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 03:00:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 02:11:19 GMT
cache-control: public,max-age=3600
age: 2936
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4085
Cache-Control: max-age=112481
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:15 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:14:56 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.186.209.73 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gD8PHSur5KEQsT61EZc1XQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Jdd0vvS1QrajEVA3WjYbUZNEvlI=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2933
Expires: Sun, 04 Dec 2022 03:49:10 GMT
Date: Sun, 04 Dec 2022 03:00:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 1521243a6fc065bb631bfbde22886fa2
527220e4e8cd1065ce05fcd0694d0d703d817e2e
b83ebf768bbfb34f49d5467f3dfb43ceb3ca3d30d3454e6f37db9aef72d7689a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11482
x-amzn-requestid: d1db05ab-bd5d-4ad4-96b4-8f439152e435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNEeAoAMFh_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-0221c53842a2f5ef071e8071;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UZ5kblxfN8fkp55YeSpUA55GzDxZgsLpFZrYTsdJBihf53HLCN0hTA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:17:35 GMT
age: 16962
etag: "527220e4e8cd1065ce05fcd0694d0d703d817e2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 18635
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8cb98e4-6956-416c-82e2-269c1c3a9ea7.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8cb98e4-6956-416c-82e2-269c1c3a9ea7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 95358bd2d700ee56273f5c03bb1b0ec9
3382013402b80585d811e8df916e32c055e559b7
9bdcf882b96fbbac533a799269480cc1af0e1dd891854939e1500adf2a5d1c10
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8cb98e4-6956-416c-82e2-269c1c3a9ea7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9447
x-amzn-requestid: 7f33035c-70b3-4efd-9bbe-0975847cb21a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltmLExfoAMFwYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f4-20c26c902a341f7a00b62316;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PpTFuHAWhFD1MhQGFZWYpenveUsGPtRE3GkL0Dy1mSFh-EeDcUKa_w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:16:34 GMT
age: 17023
etag: "3382013402b80585d811e8df916e32c055e559b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:43:43 GMT
age: 69394
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash c1a6f4805f59db44f9d3520d88701a58
6a0258e8c97ce09f1723382c8a16d9682b7dc50c
ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7503
x-amzn-requestid: b096d14d-15bf-4d18-9930-5fffe561a40b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZwuFMcoAMFbTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a337-1d3c4759652c0b314f458aa8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:03:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3jrjQkv2nL9y5cmo5g30an3DJE0wiK2ifHwkukMztymsg6nDnXWOJw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:23:19 GMT
age: 70618
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 18791
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 7563cd42e3c5ccc65e7249e1edc2beba
d2e1b5ed97b7a6d19185364397e424cee105cd22
7dd66ae25d6ae1b33e639ee37e82f69f51d5ab7df4f99b7953f54580100d743c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3148
Cache-Control: max-age=152238
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:19 GMT
Etag: "638bb0a5-118"
Expires: Mon, 05 Dec 2022 21:17:37 GMT
Last-Modified: Sat, 03 Dec 2022 20:25:09 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-10973682359
142.250.74.168 200 OK 71 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10973682359
IP 142.250.74.168:0
File type ASCII text, with very long lines (9889)
Hash b39b7bd3edea061ffea7a09d21c144c0
f34a554317c1a2ea21f1fddd1357aa1ef18c0c76
f834020533c88f4338bc38c848fc619cb6a3594a682daa3210950daae4b9858a
GET /gtag/js?id=AW-10973682359 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 03:00:19 GMT
expires: Sun, 04 Dec 2022 03:00:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-P3GPWJM
142.250.74.168 200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-P3GPWJM
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (10798)
Hash 0454c07da6b19801acf9da99d7db53a3
96972e43012f9757c1ae03ad58a6de117f3e0d30
73690f1ac3d7c7c76bcb2d27796d785edb6e19a5aa2368ef24e47f208a353fe3
GET /gtm.js?id=GTM-P3GPWJM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 03:00:19 GMT
expires: Sun, 04 Dec 2022 03:00:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mccdn.me/assets/js/widget.js
172.67.72.108 200 OK 105 kB URL HTTP/2 mccdn.me/assets/js/widget.js
IP 172.67.72.108:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (104731 bytes)
Hash e9072227a0d070266164081852ae1433
ff8c5ef57a2fdf56786e9420f2896adee5cd7352
41ed4866ec0433c08d598dd9431907218f0e9ebf6e73d2625f2d3e9d3d57a543
GET /assets/js/widget.js HTTP/1.1
Host: mccdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 03:00:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 03 Dec 2022 07:16:36 GMT
etag: W/"638af7d4-592a1"
access-control-allow-origin: https://manychat.com
timing-allow-origin: *
cache-control: public, max-age=7200
cf-cache-status: HIT
age: 5829
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmZdJeFAckUQ80lPeWEZ2sv2w8ycwrXog3nJHZFgMm1Y2e2Bfbp%2FQos%2BI%2FkI%2FGHHqHybK%2BzHaZQ8%2F51CKmtmoCNXuS%2Bqtg2MXDug8l4gCgyZ4bcjJkrg1J%2Fo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77414a887a32b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 281 B IP 172.64.155.188:0
Hash 83c1cfde6a334befd4fc063745c6281f
83d2051d351c417ae9a0388f87029e81a8da2ce7
7d6719b3dd1480146ce86ed878c68fff1ff0813051aa88b037f80602cf7034e0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 03:00:20 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 10:12:24 GMT
Expires: Fri, 09 Dec 2022 10:12:23 GMT
Etag: "83d2051d351c417ae9a0388f87029e81a8da2ce7"
Cache-Control: max-age=457322,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77414a88ac7fb4ff-OSL
aeis.alicdn.com/sd/ncpc/nc.js?t=20200808
184.30.29.156 200 OK 68 kB URL HTTP/2 aeis.alicdn.com/sd/ncpc/nc.js?t=20200808
IP 184.30.29.156:0
File type ASCII text, with very long lines (32041)
Hash 526dfb228e3dd7fa5e6f710dd8311df9
7a34728c235ef775827f7aef6c5402b7a049d2fe
1379a29e0395ed1376910e050e8fb112a4ea0d5948d6e0cb1d4855909fb0e0c7
GET /sd/ncpc/nc.js?t=20200808 HTTP/1.1
Host: aeis.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 68528
x-oss-request-id: 638BFFB008AC1934390A026E
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1896631701240726225
x-oss-storage-class: Standard
content-md5: 0UnMBXaEFIrORv8/CaTsog==
x-oss-server-time: 4
x-source-scheme: https
content-encoding: gzip
ali-swift-global-savetime: 1670119345
x-swift-savetime: Sun, 04 Dec 2022 02:02:51 GMT
x-swift-cachetime: 3574
eagleid: 2ff62c9616701193716633256e
served-from: 104.123.68.223
cache-control: max-age=134, s-maxage=3600
expires: Sun, 04 Dec 2022 03:02:34 GMT
date: Sun, 04 Dec 2022 03:00:20 GMT
vary: Accept-Encoding
network_info: NO_OSLO_50304
timing-allow-origin: *, *
access-control-allow-origin: *
access-control-expose-headers: FW_IP
fw_ip: 184.30.29.156
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 280 B IP 172.64.155.188:0
Hash 2735c6eeb6a265bbd4ba01062f0247c0
d73861e18da9967b4f915a241d941d5fe8945bc6
bb2ce78e617c40df6f216571e45d42a174084fdc12e606dba5b751b62852c98c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 03:00:20 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 06:19:30 GMT
Expires: Sat, 10 Dec 2022 06:19:29 GMT
Etag: "d73861e18da9967b4f915a241d941d5fe8945bc6"
Cache-Control: max-age=529748,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77414a8c0cceb50c-OSL
manychat.com/pixel/logEvent
18.185.191.84 204 No Content 0 B URL HTTP/2 manychat.com/pixel/logEvent
IP 18.185.191.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /pixel/logEvent HTTP/1.1
Host: manychat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cc.chitubox.com/
Origin: https://cc.chitubox.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: openresty/1.21.4.1
date: Sun, 04 Dec 2022 03:00:20 GMT
access-control-allow-origin: https://cc.chitubox.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 280 B IP 172.64.155.188:0
Hash 2735c6eeb6a265bbd4ba01062f0247c0
d73861e18da9967b4f915a241d941d5fe8945bc6
bb2ce78e617c40df6f216571e45d42a174084fdc12e606dba5b751b62852c98c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 03:00:20 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 06:19:30 GMT
Expires: Sat, 10 Dec 2022 06:19:29 GMT
Etag: "d73861e18da9967b4f915a241d941d5fe8945bc6"
Cache-Control: max-age=529748,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77414a8c0df7b4ff-OSL
cc.chitubox.com/favicon.ico
47.246.44.209 200 OK 2.8 kB URL HTTP/2 cc.chitubox.com/favicon.ico
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d456ba3d8107e26f379069e0d1466512
ddd7dffcb856bfd36f0ee4ba5001078c98504a8b
16d5046af4553cf81a8386e2696adffcc1e9b23945dc15fc000047fef5981ff2
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.1.432596966.1670122819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/x-icon
content-length: 2840
date: Sun, 04 Dec 2022 02:06:42 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: "6389995a-b18"
accept-ranges: bytes
ali-swift-global-savetime: 1670119602
via: cache5.l2de2[0,0,304-0,H], cache4.l2de2[2,0], cache1.se1[24,24,200-0,H], cache5.se1[26,0]
age: 3219
x-cache: HIT TCP_REFRESH_HIT dirn:4:171967290
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228210354762e
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6122
Cache-Control: max-age=149832
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:21 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:37:33 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.46 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 02:46:55 GMT
expires: Sun, 04 Dec 2022 04:46:55 GMT
cache-control: public, max-age=7200
age: 806
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash b70f1729407bfb6613436028eac62f09
92c1012d893b96a85491199ace9c42e1a3b1fec4
18b84026dae418a4f3fd11c59f06d0d09ffb4cb93ff3a2f2c638adeadfe43a3c
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c4e18962ed56ff7eaec8d0fb9629ed71
etag: "85d0a87b8e8ae354a94223d385583da0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 04 Dec 2022 03:18:58 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: tw8XKUB7+2YTQ2Ao6sYvCQ==
x-fb-debug: FUFh4riMZOEXdzs01pDed5Wi83b5ffS6o6cmx9TT6Xtl3i6ktNZxrZQw5HHiPbGGWXYy5hMiqOwZJkuIKbx6qQ==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Sun, 04 Dec 2022 03:00:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk/xfbml.customerchat.js
31.13.72.12 200 OK 92 kB URL HTTP/2 connect.facebook.net/en_US/sdk/xfbml.customerchat.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (20829)
Hash c503079183117ec5b74901c88db9e961
dd42437347a6c692b6d8ee44ff3d6b506a7dee21
7384f42aa1a20c95de64551781a8da7288804235a734943e2a57bfdd5a1d4165
GET /en_US/sdk/xfbml.customerchat.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 565196ee90ffeed4b95f5636f493927d
etag: "8000f16bb5e9f71e887bb4ffa019b953"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 04 Dec 2022 03:17:28 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: xQMHkYMRfsW3SQHIjbnpYQ==
x-fb-debug: Q83Js2Rq9yh5sUHEMr9/VG3Hvm9tw953d1dVjzkktdbvRUJeAiKmpQlo4nJxDe6TTpXBTQ1p9+MPJeEIXmaLTA==
content-length: 92387
x-fb-trip-id: 1904183273
date: Sun, 04 Dec 2022 03:00:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1827704936&t=pageview&_s=1&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&ul=en-us&de=UTF-8&dt=CHITUBOX%20Customer%20Center&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAEABAAAAACAAI~&jid=972663099&gjid=204292919&cid=432596966.1670122819&tid=UA-211432644-1&_gid=403868981.1670122819&_r=1&gtm=2wgbu0P3GPWJM&z=1662698601
142.250.74.46 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1827704936&t=pageview&_s=1&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&ul=en-us&de=UTF-8&dt=CHITUBOX%20Customer%20Center&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAEABAAAAACAAI~&jid=972663099&gjid=204292919&cid=432596966.1670122819&tid=UA-211432644-1&_gid=403868981.1670122819&_r=1&gtm=2wgbu0P3GPWJM&z=1662698601
IP 142.250.74.46:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=1827704936&t=pageview&_s=1&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&ul=en-us&de=UTF-8&dt=CHITUBOX%20Customer%20Center&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAEABAAAAACAAI~&jid=972663099&gjid=204292919&cid=432596966.1670122819&tid=UA-211432644-1&_gid=403868981.1670122819&_r=1&gtm=2wgbu0P3GPWJM&z=1662698601 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://cc.chitubox.com
date: Sun, 04 Dec 2022 03:00:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10973682359/?random=1670122817881&cv=11&fst=1670122817881&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&tiba=CHITUBOX%20Customer%20Center&auid=1294913482.1670122818&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.66 200 OK 960 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10973682359/?random=1670122817881&cv=11&fst=1670122817881&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&tiba=CHITUBOX%20Customer%20Center&auid=1294913482.1670122818&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2191), with no line terminators
Hash 6fab4de1aa8836ff95a2895cf8231709
9ecae954363a0cc9701a91e924352a4dc40040ad
83160a685c1de61706c3fde708e75278377f1286fa9fb3ad9d17debd155fbccc
GET /pagead/viewthroughconversion/10973682359/?random=1670122817881&cv=11&fst=1670122817881&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&tiba=CHITUBOX%20Customer%20Center&auid=1294913482.1670122818&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 03:00:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 960
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 03:15:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6122
Cache-Control: max-age=149832
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:21 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:37:33 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VT08P6LCX3&cid=432596966.1670122819&gtm=2oebu0&aip=1&z=1609794782
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VT08P6LCX3&cid=432596966.1670122819&gtm=2oebu0&aip=1&z=1609794782
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VT08P6LCX3&cid=432596966.1670122819&gtm=2oebu0&aip=1&z=1609794782 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 03:00:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-211432644-1&cid=432596966.1670122819&jid=972663099&gjid=204292919&_gid=403868981.1670122819&_u=YADAAEAAAAAAACAAI~&z=730897997
108.177.14.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-211432644-1&cid=432596966.1670122819&jid=972663099&gjid=204292919&_gid=403868981.1670122819&_u=YADAAEAAAAAAACAAI~&z=730897997
IP 108.177.14.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-211432644-1&cid=432596966.1670122819&jid=972663099&gjid=204292919&_gid=403868981.1670122819&_u=YADAAEAAAAAAACAAI~&z=730897997 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://cc.chitubox.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Dec 2022 03:00:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-VT08P6LCX3&gtm=2oebu0&_p=1827704936&_gaz=1&cid=432596966.1670122819&ul=en-us&sr=1280x1024&_s=1&sid=1670122818&sct=1&seg=0&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&dt=CHITUBOX%20Customer%20Center&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-VT08P6LCX3&gtm=2oebu0&_p=1827704936&_gaz=1&cid=432596966.1670122819&ul=en-us&sr=1280x1024&_s=1&sid=1670122818&sct=1&seg=0&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&dt=CHITUBOX%20Customer%20Center&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-VT08P6LCX3&gtm=2oebu0&_p=1827704936&_gaz=1&cid=432596966.1670122819&ul=en-us&sr=1280x1024&_s=1&sid=1670122818&sct=1&seg=0&dl=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&dt=CHITUBOX%20Customer%20Center&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cc.chitubox.com
date: Sun, 04 Dec 2022 03:00:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/plugins/customer_chat/SDK/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&event_name=chat_plugin_sdk_facade_create&greeting_dialog_display=show&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF
157.240.240.35 200 OK 0 B URL HTTP/2 www.facebook.com/plugins/customer_chat/SDK/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&event_name=chat_plugin_sdk_facade_create&greeting_dialog_display=show&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF
IP 157.240.240.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/customer_chat/SDK/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&event_name=chat_plugin_sdk_facade_create&greeting_dialog_display=show&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://cc.chitubox.com
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: cOT16dWaLgMEU1pIXvxuf+SQ0Sdlu/DxSVA6FNy7MX21Ao314kDkH7jr7YrHt6BiEQ7eXkzlTEjP9cgwTqVSsg==
content-length: 0
date: Sun, 04 Dec 2022 03:00:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/customer_chat/facade/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&greeting_dialog_display=show&is_loaded_by_facade=true&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF
157.240.240.35 200 OK 751 B URL HTTP/2 www.facebook.com/plugins/customer_chat/facade/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&greeting_dialog_display=show&is_loaded_by_facade=true&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF
IP 157.240.240.35:0
File type ASCII text, with very long lines (1298), with no line terminators
Hash f240d52e06d17e7064ce350a3315979b
18592e58d65687953ea77f5b1cb7d9b74be3bdb8
09d9f677f8049b17536303b4ffe73a1f9f66b5db86ac9c743b269abe60d02eb2
GET /plugins/customer_chat/facade/?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16ca23a54a79dc%26domain%3Dcc.chitubox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcc.chitubox.com%252Ffea5631a8fbdb4%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcc.chitubox.com%2Flogin%3Fcallback%3Dhttps%3A%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do%3FsoftwareId%3D17839%26softwareVersionId%3Dv1.9.4%26fileName%3DCHITUBOX64Install_V1.9.4.exe&greeting_dialog_display=show&is_loaded_by_facade=true&locale=en_US&log_id=d0d59fa0-b9e7-44a0-962d-72fd68adf611&page_id=110698050301469&ref=w16846475_0d0302db5192915709e942f275219545b8e21085_b758b249-fb64-a68c-ef6a-776e32dffc67&request_time=1670122819294&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23FFFFFF HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/json; charset=utf-8
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://cc.chitubox.com
strict-transport-security: max-age=15552000; preload
x-fb-debug: aFiKkSdHo157NYSiVJoK8uOM+LLbm0AdTpRvSJBWF0LGA4hOe0JIvXnvcfg+4RgDmxB5VtlfhupoCnGxhkqxyg==
date: Sun, 04 Dec 2022 03:00:21 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/logo.png
47.246.44.209 200 OK 8.4 kB URL HTTP/2 cc.chitubox.com/assets/img/logo.png
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 835 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash dc1b44a5787581a2385c954b8d7fa1a9
ebdc9356b984234792e087f392e8627df58e2723
cef740539a557a071a656e72abc3ad1dde0c0dd14d6902ad821069ddc1ed47c2
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/logo.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 8442
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-20fa"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache14.l2de2[0,0,304-0,H], cache15.l2de2[1,0], cache5.se1[22,21,200-0,H], cache5.se1[24,0]
age: 1152
x-cache: HIT TCP_REFRESH_HIT dirn:1:349461858
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219065063e
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/login_top_logo.png
47.246.44.209 200 OK 6.0 kB URL HTTP/2 cc.chitubox.com/assets/img/login_top_logo.png
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 145 x 145, 8-bit/color RGBA, non-interlaced\012- data
Hash d51da6d2fe5a7ac89098f24aea9557cc
3ae0e8e8c47ea5d1752b8afe31fa248c312cf852
41f7b5164757ae57c53f7ebd12ce25bcf4733c526e8a81ae23f6dac6168defff
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/login_top_logo.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 6023
date: Sun, 04 Dec 2022 02:06:42 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-1787"
accept-ranges: bytes
ali-swift-global-savetime: 1670119602
via: cache4.l2de2[0,0,304-0,H], cache5.l2de2[2,0], cache3.se1[23,23,200-0,H], cache5.se1[25,0]
age: 3219
x-cache: HIT TCP_REFRESH_HIT dirn:11:439578655
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219105064e
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/login/chitubox.png
47.246.44.209 200 OK 3.2 kB URL HTTP/2 cc.chitubox.com/assets/img/login/chitubox.png
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 228 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 67b691fde3681d80b157e548645cfcec
46ce201f5230dd099bf78dd8da2e91d9979d0e81
9383a3cbd182625279cd9222564c9d2958b80832421fb9b5b6c97caba508fa03
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/login/chitubox.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 3245
date: Sun, 04 Dec 2022 02:07:05 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-cad"
accept-ranges: bytes
ali-swift-global-savetime: 1670119625
via: cache8.l2de2[0,0,304-0,H], cache21.l2de2[1,0], cache3.se1[22,22,200-0,H], cache5.se1[24,0]
age: 3196
x-cache: HIT TCP_REFRESH_HIT dirn:2:421778724
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219345076e
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/login/login-left.png
47.246.44.209 200 OK 179 kB URL HTTP/2 cc.chitubox.com/assets/img/login/login-left.png
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 400 x 601, 8-bit/color RGBA, non-interlaced\012- data
Size 179 kB (178682 bytes)
Hash 5f5812b1130c8448fc536745f2298f6f
4ef421d0e5ba74705e452e6631733b182e960c05
b310733428235b5290327138303579bb7c82890915af7bbbad31eb0f8f24f9e0
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/login/login-left.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 178682
date: Sun, 04 Dec 2022 02:07:05 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-2b9fa"
accept-ranges: bytes
ali-swift-global-savetime: 1670119625
via: cache6.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache4.se1[25,25,200-0,H], cache5.se1[27,0]
age: 3196
x-cache: HIT TCP_REFRESH_HIT dirn:11:108619793
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219345075e
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/login/facebook-icon.svg
47.246.44.209 200 OK 425 B URL HTTP/2 cc.chitubox.com/assets/img/login/facebook-icon.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (405), with no line terminators
Hash 7b354143354374625e1339d64076acdb
e70a167f1670ea416bb9b5a487fc03c4040cdbf6
f5cc534d42889826c91d3938ade6efb55e72ece37ab8444728fab01a627dc7ba
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/login/facebook-icon.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
content-length: 425
date: Sun, 04 Dec 2022 02:07:05 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-1a9"
accept-ranges: bytes
ali-swift-global-savetime: 1670119625
via: cache15.l2de2[0,0,304-0,H], cache25.l2de2[0,0], cache5.se1[21,22,200-0,H], cache5.se1[23,0]
age: 3196
x-cache: HIT TCP_REFRESH_HIT dirn:4:350294826
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219515080e
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/nav/nav_chitubox_pro.jpg
47.246.44.209 200 OK 37 kB URL HTTP/2 cc.chitubox.com/assets/img/nav/nav_chitubox_pro.jpg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 292x166, components 3\012- data
Hash 4d5e2a3d41985508abb491bb1c3bb076
e642b6d3e871b0354364375867e3eea79c4ad3be
e347aa15041d506fa9609d7ca11900bf96331b8c1acb40e8f6452328677f23ec
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/nav/nav_chitubox_pro.jpg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 37290
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-91aa"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache12.l2de2[0,0,304-0,H], cache15.l2de2[0,0], cache5.se1[22,22,200-0,H], cache5.se1[23,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:4:350210842
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220325117e
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/nav/nav_chitubox_free.png
47.246.44.209 200 OK 36 kB URL HTTP/2 cc.chitubox.com/assets/img/nav/nav_chitubox_free.png
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 292 x 164, 8-bit/color RGB, non-interlaced\012- data
Hash a77623dcab66faabd2e40bf6916b791f
c804311ceb7d2c2fcb0942d82cd3cbc31d93dfb1
2619bf502dd1e9dccd4987f329122fba82ea383776287452a76966114d9d18f2
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/nav/nav_chitubox_free.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 35715
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-8b83"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache19.l2de2[0,0,304-0,H], cache3.l2de2[1,0], cache8.se1[23,23,200-0,H], cache5.se1[24,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:4:13843647
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220315116e
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/login/google-icon.svg
47.246.44.209 200 OK 27 kB URL HTTP/2 cc.chitubox.com/assets/img/login/google-icon.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 1b7cb23ab820f8ea30a9b8defa038434
edaee5e78398c155aa1d16a4b5dda25431111e0f
e3b3be4597edc11e78446e3e6ccb8695e07e38dd5b3b226f7e7ff2c9b15645e2
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/login/google-icon.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:07:05 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-707"
ali-swift-global-savetime: 1670119625
via: cache17.l2de2[0,0,304-0,H], cache8.l2de2[1,0], cache7.se1[23,23,200-0,H], cache5.se1[25,0]
age: 3196
x-cache: HIT TCP_REFRESH_HIT dirn:3:426502390
x-swift-savetime: Sun, 04 Dec 2022 03:00:21 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228219515081e
content-encoding: gzip
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/nav_chitubox_vs.jpg
47.246.44.209 200 OK 22 kB URL HTTP/2 cc.chitubox.com/assets/img/nav_chitubox_vs.jpg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 294x169, components 3\012- data
Hash a71625cd1ab871765ed9e8fd533d8165
21c20a1801b089a7b01e114fb2a50cebc0a8827e
782a58257677257bbfd9902a9e981526fb44332d5c3c06b5586cbc70672ed823
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/nav_chitubox_vs.jpg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 22455
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-57b7"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache2.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache3.se1[23,23,200-0,H], cache5.se1[25,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:1:406416973
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220425121e
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/promotion/header-new-icon.png
47.246.44.209 200 OK 2.3 kB URL HTTP/2 cc.chitubox.com/assets/img/promotion/header-new-icon.png
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 31 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash fe4f56cf8b269a7d1ed30aa32b07d9ea
a4aea334b17513cf5723fb5174e7e56602b93dbc
5bc84a1eafe43566890d09e46cde618f80dce6779bf8dca990caa5d34308693a
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/promotion/header-new-icon.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 2315
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-90b"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache5.l2de2[0,0,304-0,H], cache25.l2de2[1,0], cache7.se1[21,22,200-0,H], cache5.se1[23,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:11:430528758
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220535130e
X-Firefox-Spdy: h2
manychat.com/pixel/logEvent
18.185.191.84 200 OK 11 kB URL HTTP/2 manychat.com/pixel/logEvent
IP 18.185.191.84:0
Hash 9ad5ef5cf715b73b24d1ec0461385746
d3512f05c29a3dd1cff69a5871b4a3be522f4380
8504b1d0e89c85412954c7961106c18241dce4d6fb0c24ab3a569dbc0429612a
POST /pixel/logEvent HTTP/1.1
Host: manychat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 664
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Sun, 04 Dec 2022 03:00:20 GMT
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/icon.png?t=016
47.246.44.209 200 OK 41 kB URL HTTP/2 cc.chitubox.com/assets/img/icon.png?t=016
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 512 x 466, 8-bit/color RGBA, non-interlaced\012- data
Hash b716df96cc1ef83873d0f2cf8c849b0b
ba8e82a82d0738816f4465d8fa7dcdf16c649467
ffe53153b2cf88210904338f3d1854ec359805f35d5bdc439efa94e7ba924c45
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/icon.png?t=016 HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/styles.103ede9607ea4095d692.css
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 41249
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-a121"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache3.l2de2[0,0,304-0,H], cache20.l2de2[0,0], cache3.se1[22,22,200-0,H], cache5.se1[24,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:2:421698657
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220975157e
X-Firefox-Spdy: h2
cc.chitubox.com/login-background.9f2e4781efb48cb29311.png
47.246.44.209 200 OK 958 kB URL HTTP/2 cc.chitubox.com/login-background.9f2e4781efb48cb29311.png
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 1920 x 773, 8-bit/color RGBA, non-interlaced\012- data
Size 958 kB (957481 bytes)
Hash 671417d5e65d351ce16ff67696b3da64
5384875c1ed2093529bfdfb853b008be1f5dc1ab
1e00fab9413be8d0230d948175b8a2e3623621f4a83e3632337f7a020974dc12
Analyzer Verdict Alert quad9 Sinkholed
GET /login-background.9f2e4781efb48cb29311.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 957481
date: Sun, 04 Dec 2022 02:10:32 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: "6389995a-e9c29"
accept-ranges: bytes
ali-swift-global-savetime: 1670119832
via: cache20.l2de2[0,0,304-0,H], cache10.l2de2[1,0], cache5.se1[22,23,200-0,H], cache5.se1[27,0]
age: 2990
x-cache: HIT TCP_REFRESH_HIT dirn:11:345184522
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220865155e
X-Firefox-Spdy: h2
cc.chitubox.com/fontawesome-webfont.20fd1704ea223900efa9.woff2?v=4.7.0
47.246.44.209 200 OK 77 kB URL HTTP/2 cc.chitubox.com/fontawesome-webfont.20fd1704ea223900efa9.woff2?v=4.7.0
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert quad9 Sinkholed
GET /fontawesome-webfont.20fd1704ea223900efa9.woff2?v=4.7.0 HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cc.chitubox.com/styles.103ede9607ea4095d692.css
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: font/woff2
content-length: 77160
date: Sun, 04 Dec 2022 02:41:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: "6389995a-12d68"
accept-ranges: bytes
ali-swift-global-savetime: 1670121669
via: cache15.l2de2[0,0,304-0,H], cache8.l2de2[0,0], cache4.se1[21,21,200-0,H], cache5.se1[24,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:2:94134646
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228221335173e
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/icon.png
47.246.44.209 200 OK 41 kB URL HTTP/2 cc.chitubox.com/assets/img/icon.png
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 512 x 466, 8-bit/color RGBA, non-interlaced\012- data
Hash b716df96cc1ef83873d0f2cf8c849b0b
ba8e82a82d0738816f4465d8fa7dcdf16c649467
ffe53153b2cf88210904338f3d1854ec359805f35d5bdc439efa94e7ba924c45
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/icon.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/styles.103ede9607ea4095d692.css
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 41249
date: Sun, 04 Dec 2022 02:06:42 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-a121"
accept-ranges: bytes
ali-swift-global-savetime: 1670119602
via: cache14.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache8.se1[87,87,200-0,H], cache5.se1[93,0]
age: 3220
x-cache: HIT TCP_REFRESH_HIT dirn:11:15829075
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220865154e
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/nav/what_new.png
47.246.44.209 200 OK 13 kB URL HTTP/2 cc.chitubox.com/assets/img/nav/what_new.png
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 290 x 165, 8-bit/color RGB, non-interlaced\012- data
Hash 051ce0ceddb5576f91d87b37c0fc2e1c
f340cbc359a644638ca9ea9b9ad136d2dc953efc
578d8acf07aac222ab8ac700f95aead6b18a3662dcf712ddcc9d4034f1c5a8a7
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/nav/what_new.png HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 12726
date: Sun, 04 Dec 2022 02:06:42 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: "63899959-31b6"
accept-ranges: bytes
ali-swift-global-savetime: 1670119602
via: cache1.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache8.se1[23,24,200-0,H], cache5.se1[25,0]
age: 3220
x-cache: HIT TCP_REFRESH_HIT dirn:4:13843082
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228222925226e
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 0d85a45c2e9badfb04568378ac6394ad
f84acb749c7f7fd2bec896acf76ae64adcb2ae1d
279453ff6424ec96efd53843e684d1110c078ec4f2a4226a50b6c9d48352552e
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 03:00:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Thu, 08 Dec 2022 01:24:48 GMT
ETag: "f84acb749c7f7fd2bec896acf76ae64adcb2ae1d"
Last-Modified: Sun, 04 Dec 2022 01:24:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1715
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77414a993d86b503-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js?hash=29a5ad50c47351cead84479582d6eb4d
31.13.72.12 200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=29a5ad50c47351cead84479582d6eb4d
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash a199bd3f0adab202788c5bd47bd34414
7d8d4c88fb1e3ccedc265969aa6f8fa1c5660f66
a4d1ff3b3da7dddc6d024319561b760579ce4b839829f36c56e1ada82d8bb6e1
GET /en_US/sdk.js?hash=29a5ad50c47351cead84479582d6eb4d HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: bc907025f657cd864dd72c117788359a
etag: "d0dd798f9ece4fc5c5b7b2b363ef9667"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 04 Dec 2023 01:18:00 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: oZm9PwrasgJ4jFvUe9NEFA==
x-fb-debug: m+icIYTSJYZqvabW1eEQ+ZWYo8mm61DVbfF+xKy0hJyfpuMXcflmJqbnfNC9Iel7ySIIBsXsmZgQT0CQhF6u4A==
content-length: 86894
x-fb-trip-id: 2050670934
date: Sun, 04 Dec 2022 03:00:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=110698050301469&suppress_http_code=1
31.13.72.8 200 OK 86 B URL HTTP/2 socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=110698050301469&suppress_http_code=1
IP 31.13.72.8:0
File type ASCII text, with no line terminators
Hash ac72dada01d1a901d2bba93659954aa7
4a0a3ce2152da5b0863c132b346c5f0bbd0b170e
ae14b15c032c9fd47ea68138fb0ced5f863b844d47255020312a15bad0a72c8f
GET /new_domain_gating/?endpoint=customerchat&page_id=110698050301469&suppress_http_code=1 HTTP/1.1
Host: socialplugin.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/json; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://cc.chitubox.com
x-fb-debug: zLInbY/kZlr2aJjMyVr94ycTi6T4XeGwyXhDi4VQ8oR4FchhOFF7JfwDpMp723U/M2qFATDbxsodrlk+Wvm0PQ==
date: Sun, 04 Dec 2022 03:00:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 03:00:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chitubox-web-tracking-sz.cn-shenzhen.log.aliyuncs.com/logstores/chitubox-web-tracking-sz-store/track_ua.gif?APIVersion=0.6.0&type=visit&site=home
112.74.122.51 200 OK 43 B URL HTTP/1.1 chitubox-web-tracking-sz.cn-shenzhen.log.aliyuncs.com/logstores/chitubox-web-tracking-sz-store/track_ua.gif?APIVersion=0.6.0&type=visit&site=home
IP 112.74.122.51:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /logstores/chitubox-web-tracking-sz-store/track_ua.gif?APIVersion=0.6.0&type=visit&site=home HTTP/1.1
Host: chitubox-web-tracking-sz.cn-shenzhen.log.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Date: Sun, 04 Dec 2022 03:00:22 GMT
x-log-time: 1670122822
x-log-requestid: 638C0D460199F235F7DDB65B
fis.cbd-3d.com/chitubox/chitubox/public/cc/language/en.json?t=2022-11
47.246.44.209 200 OK 14 kB URL HTTP/2 fis.cbd-3d.com/chitubox/chitubox/public/cc/language/en.json?t=2022-11
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type Unicode text, UTF-8 (with BOM) text, with very long lines (429), with CRLF line terminators
Hash c83065138b65108dd3ade3d379fd9b19
a815b1e8f908d8ccb5d22394020347322cc3f5c8
0af709399ed0f641b07c3f2486dbbc3cd8a4445d32774d7fe9062d87d9376bfb
GET /chitubox/chitubox/public/cc/language/en.json?t=2022-11 HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/json
content-length: 14502
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:41:10 GMT
x-oss-request-id: 638C08C6E67E4F3634D0048B
access-control-allow-origin: https://cc.chitubox.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 1800
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "0228C0D6AA735B0F4326E03EB7B05332"
last-modified: Fri, 02 Dec 2022 08:57:14 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13175253431476156251
x-oss-storage-class: Standard
x-oss-meta-real-name: en.json
content-disposition: attachment; filename=en.json
vary: Accept-Encoding
content-md5: AijA1qpzWw9DJuA+t7BTMg==
x-oss-server-time: 45
ali-swift-global-savetime: 1670121670
via: cache5.l2de2[0,0,304-0,H], cache8.l2de2[1,0], cache3.se1[1503,1503,200-0,H], cache5.se1[1506,0]
content-encoding: gzip
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:2:421696010
x-swift-savetime: Sun, 04 Dec 2022 03:00:23 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228218225039e
X-Firefox-Spdy: h2
fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/paypal.svg
47.246.44.209 200 OK 990 B URL HTTP/2 fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/paypal.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (990), with no line terminators
Hash b746fa26ea89b91e5c50700da2a047b1
e809af3e76933f82eb2fd569385de25819eb90f2
738aea06fc682365e1d9fbc844c3b238f1dcb47f73215d31979ac412f6576402
GET //chitubox/chitubox/public/cms/csv/paypal.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
content-length: 990
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:10:20 GMT
x-oss-request-id: 638C018C647D973538628896
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "B746FA26EA89B91E5C50700DA2A047B1"
last-modified: Fri, 02 Dec 2022 06:32:10 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12062891127650808518
x-oss-storage-class: Standard
x-oss-meta-real-name: paypal.svg
content-md5: t0b6JuqJuR5cUHANoqBHsQ==
x-oss-server-time: 52
ali-swift-global-savetime: 1670119820
via: cache21.l2de2[0,0,304-0,H], cache10.l2de2[1,0], cache1.se1[0,0,200-0,H], cache2.se1[1,0]
age: 3003
x-cache: HIT TCP_MEM_HIT dirn:4:171944859
x-swift-savetime: Sun, 04 Dec 2022 02:25:06 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9616701228234356289e
X-Firefox-Spdy: h2
fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/Maestro.svg
47.246.44.209 200 OK 633 B URL HTTP/2 fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/Maestro.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (633), with no line terminators
Hash df0fdfa6704acefbde1f7f634bd4ae58
e748ea377d76f51190e30f85160de753d17b35cc
b32c1ed2753ff845db593063b1cbadb00fbb579cb969e53cfafdb540b7800023
GET /chitubox/chitubox/public/cms/csv/Maestro.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
content-length: 633
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:53:55 GMT
x-oss-request-id: 638C0BC393B01338396545CC
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "DF0FDFA6704ACEFBDE1F7F634BD4AE58"
last-modified: Fri, 02 Dec 2022 06:27:10 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17891802613849730984
x-oss-storage-class: Standard
x-oss-meta-real-name: Maestro.svg
content-md5: 3w/fpnBKzvveH39jS9SuWA==
x-oss-server-time: 42
ali-swift-global-savetime: 1670122435
via: cache14.l2de2[0,0,304-0,H], cache5.l2de2[0,0], cache1.se1[21,21,200-0,H], cache2.se1[22,0]
age: 388
x-cache: HIT TCP_REFRESH_HIT dirn:11:181642672
x-swift-savetime: Sun, 04 Dec 2022 03:00:23 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9616701228234296283e
X-Firefox-Spdy: h2
fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/Mastercard.svg
47.246.44.209 200 OK 634 B URL HTTP/2 fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/Mastercard.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (634), with no line terminators
Hash 12f706c8640a196fd97387f05d7b5c9b
171aa18c076dd80e353fdeab3e64d70ea168846c
0d75303cce76da3abe1dc800402a4591c64f8da39dd4156f72021cbae9b7eacd
GET //chitubox/chitubox/public/cms/csv/Mastercard.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
content-length: 634
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:32:09 GMT
x-oss-request-id: 638C06A911A5983030E39BC5
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "12F706C8640A196FD97387F05D7B5C9B"
last-modified: Fri, 02 Dec 2022 06:28:29 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13160761143435839904
x-oss-storage-class: Standard
x-oss-meta-real-name: Mastercard.svg
content-md5: EvcGyGQKGW/Zc4fwXXtcmw==
x-oss-server-time: 4
ali-swift-global-savetime: 1670121129
via: cache8.l2de2[0,0,304-0,H], cache19.l2de2[1,0], cache1.se1[22,21,200-0,H], cache2.se1[23,0]
age: 1694
x-cache: HIT TCP_REFRESH_HIT dirn:4:171949250
x-swift-savetime: Sun, 04 Dec 2022 03:00:23 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9616701228234326286e
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c37ed587ee5e3fbdc8cab86ef1345f9
364a32a224b2cacc26b138d57a8945c191e537b1
3c66654da4670e0d5ec87afb6c62f0a420d90875c57b280710f2592269a9303e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8285
x-amzn-requestid: 882c673f-4e3f-4f84-a51d-bbac56f716eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAEWUoAMFWuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-3a2c571d6272b3493ec2a1c5;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DX2amuyEjkaWng9x7x8TknBMeXzYPSW7pimxhVkcwOPPPbKrX0beQQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:24 GMT
etag: "364a32a224b2cacc26b138d57a8945c191e537b1"
content-type: image/jpeg
age: 18600
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cc.chitubox.com/1-es2015.ef9b69d7d0a5110b9d35.js
47.246.44.209 200 OK 0 B URL HTTP/2 cc.chitubox.com/1-es2015.ef9b69d7d0a5110b9d35.js
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /1-es2015.ef9b69d7d0a5110b9d35.js HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:10:31 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-22fcf"
ali-swift-global-savetime: 1670119831
via: cache8.l2de2[0,0,304-0,H], cache14.l2de2[1,0], cache5.se1[22,22,200-0,H], cache5.se1[24,0]
age: 2989
x-cache: HIT TCP_REFRESH_HIT dirn:4:350211379
x-swift-savetime: Sun, 04 Dec 2022 03:00:20 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228207204675e
content-encoding: gzip
X-Firefox-Spdy: h2
sac.chitubox.com/software/getMainstreamProduct.do2
47.254.47.204 200 OK 0 B URL HTTP/2 sac.chitubox.com/software/getMainstreamProduct.do2
IP 47.254.47.204:0
ASN #45102 Alibaba US Technology Co., Ltd.
Analyzer Verdict Alert quad9 Sinkholed
GET /software/getMainstreamProduct.do2 HTTP/1.1
Host: sac.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Cookie: _gcl_au=1.1.1294913482.1670122818; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 03:00:22 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://cc.chitubox.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cms.chitubox.com/log.do?t=REFERRER_EVENT&o=Linux&l=en&st=pc&bt=Firefox&bv=5.0%20(X11)&ru=&rs=&rd=&tu=/login&ts=?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&ta=https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&other=%7B%22url%22:%22https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do%22%7D
47.254.47.204 200 OK 0 B URL HTTP/2 cms.chitubox.com/log.do?t=REFERRER_EVENT&o=Linux&l=en&st=pc&bt=Firefox&bv=5.0%20(X11)&ru=&rs=&rd=&tu=/login&ts=?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&ta=https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&other=%7B%22url%22:%22https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do%22%7D
IP 47.254.47.204:0
ASN #45102 Alibaba US Technology Co., Ltd.
Analyzer Verdict Alert quad9 Sinkholed
GET /log.do?t=REFERRER_EVENT&o=Linux&l=en&st=pc&bt=Firefox&bv=5.0%20(X11)&ru=&rs=&rd=&tu=/login&ts=?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&ta=https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do&other=%7B%22url%22:%22https://cc.chitubox.com/login?callback=https:%252F%252Fsac.chitubox.com%252Fsoftware%252Fdownload.do%22%7D HTTP/1.1
Host: cms.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Cookie: _gcl_au=1.1.1294913482.1670122818; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 03:00:22 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://cc.chitubox.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/nav/nav_academy_case.svg
47.246.44.209 200 OK 0 B URL HTTP/2 cc.chitubox.com/assets/img/nav/nav_academy_case.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/nav/nav_academy_case.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-57b"
ali-swift-global-savetime: 1670121789
via: cache1.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache4.se1[23,23,200-0,H], cache5.se1[25,0]
age: 1033
x-cache: HIT TCP_REFRESH_HIT dirn:4:104504337
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220465125e
content-encoding: gzip
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/nav/nav_support_team.svg
47.246.44.209 200 OK 0 B URL HTTP/2 cc.chitubox.com/assets/img/nav/nav_support_team.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/nav/nav_support_team.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-623"
ali-swift-global-savetime: 1670121789
via: cache9.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache3.se1[23,23,200-0,H], cache5.se1[24,0]
age: 1033
x-cache: HIT TCP_REFRESH_HIT dirn:1:403421321
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220485127e
content-encoding: gzip
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/nav/nav_support_affiliate.svg
47.246.44.209 200 OK 0 B URL HTTP/2 cc.chitubox.com/assets/img/nav/nav_support_affiliate.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/nav/nav_support_affiliate.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-7dc"
ali-swift-global-savetime: 1670121789
via: cache8.l2de2[0,0,304-0,H], cache11.l2de2[1,0], cache5.se1[22,22,200-0,H], cache5.se1[24,0]
age: 1033
x-cache: HIT TCP_REFRESH_HIT dirn:4:347245416
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220495128e
content-encoding: gzip
X-Firefox-Spdy: h2
fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/Visa.svg
47.246.44.209 200 OK 0 B URL HTTP/2 fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/Visa.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
GET /chitubox/chitubox/public/cms/csv/Visa.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:10:20 GMT
x-oss-request-id: 638C018CE8F77331310BD24B
x-oss-cdn-auth: success
etag: W/"4EC5AAF1F98064F0C8AC99446EE42D52"
last-modified: Fri, 02 Dec 2022 06:26:33 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13827437326930840265
x-oss-storage-class: Standard
x-oss-meta-real-name: Visa.svg
content-md5: TsWq8fmAZPDIrJlEbuQtUg==
x-oss-server-time: 20
ali-swift-global-savetime: 1670119820
via: cache9.l2de2[0,0,304-0,H], cache12.l2de2[0,0], cache2.se1[0,0,200-0,H], cache2.se1[2,0]
age: 3003
x-cache: HIT TCP_MEM_HIT dirn:6:462477806
x-swift-savetime: Sun, 04 Dec 2022 02:25:06 GMT
x-swift-cachetime: 3600
content-encoding: br
timing-allow-origin: *
eagleid: 2ff62c9616701228234186278e
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/nav/nav_academy_tutorial.svg
47.246.44.209 200 OK 0 B URL HTTP/2 cc.chitubox.com/assets/img/nav/nav_academy_tutorial.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/nav/nav_academy_tutorial.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:08 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-6a4"
ali-swift-global-savetime: 1670121788
via: cache8.l2de2[0,0,304-0,H], cache20.l2de2[1,0], cache8.se1[22,21,200-0,H], cache5.se1[23,0]
age: 1034
x-cache: HIT TCP_REFRESH_HIT dirn:4:10956807
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220445123e
content-encoding: gzip
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/nav/nav_academy_advanced.svg
47.246.44.209 200 OK 0 B URL HTTP/2 cc.chitubox.com/assets/img/nav/nav_academy_advanced.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/nav/nav_academy_advanced.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:08 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-5fa"
ali-swift-global-savetime: 1670121788
via: cache3.l2de2[0,0,304-0,H], cache17.l2de2[1,0], cache3.se1[23,23,200-0,H], cache5.se1[25,0]
age: 1034
x-cache: HIT TCP_REFRESH_HIT dirn:1:403421323
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220455124e
content-encoding: gzip
X-Firefox-Spdy: h2
cc.chitubox.com/assets/img/nav/nav_support_manuals.svg
47.246.44.209 200 OK 0 B URL HTTP/2 cc.chitubox.com/assets/img/nav/nav_support_manuals.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/nav/nav_support_manuals.svg HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do
Cookie: _gcl_au=1.1.1294913482.1670122818; _uab_collina=167012281812717218599485; CBDCustomerLang=en; _ga_VT08P6LCX3=GS1.1.1670122818.1.0.1670122818.60.0.0; _ga=GA1.2.432596966.1670122819; _gid=GA1.2.403868981.1670122819; _gat_UA-211432644-1=1; CLT=YThlZjdjMjItZWZiMy00YmE0LTgyOGYtOGZiMTBkZWUzOWYz; externalObj=[{"url":"","params":{"callback":"https:%2F%2Fsac.chitubox.com%2Fsoftware%2Fdownload.do"},"time":"2022-12-04 03:00:19"}]
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:43:09 GMT
last-modified: Fri, 02 Dec 2022 06:21:13 GMT
etag: W/"63899959-7f4"
ali-swift-global-savetime: 1670121789
via: cache15.l2de2[0,0,304-0,H], cache3.l2de2[1,0], cache3.se1[22,21,200-0,H], cache5.se1[23,0]
age: 1033
x-cache: HIT TCP_REFRESH_HIT dirn:2:418656983
x-swift-savetime: Sun, 04 Dec 2022 03:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228220475126e
content-encoding: gzip
X-Firefox-Spdy: h2
cc.chitubox.com/runtime-es2015.041759085d3e9482cd6e.js
47.246.44.209 200 OK 0 B URL HTTP/2 cc.chitubox.com/runtime-es2015.041759085d3e9482cd6e.js
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /runtime-es2015.041759085d3e9482cd6e.js HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:06:42 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: W/"6389995a-9c7"
ali-swift-global-savetime: 1670119602
via: cache25.l2de2[0,0,304-0,H], cache8.l2de2[0,0], cache5.se1[23,23,200-0,H], cache5.se1[29,0]
age: 3217
x-cache: HIT TCP_REFRESH_HIT dirn:11:354543902
x-swift-savetime: Sun, 04 Dec 2022 03:00:19 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228198404235e
content-encoding: gzip
X-Firefox-Spdy: h2
fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/AMEX.svg
47.246.44.209 200 OK 0 B URL HTTP/2 fis.cbd-3d.com/chitubox/chitubox/public/cms/csv/AMEX.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
GET /chitubox/chitubox/public/cms/csv/AMEX.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:10:20 GMT
x-oss-request-id: 638C018CE5E9AB363009E45C
x-oss-cdn-auth: success
etag: W/"75DD3FE3FC585FC43CA06129AA1EC5BE"
last-modified: Fri, 02 Dec 2022 06:24:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5448396767152452691
x-oss-storage-class: Standard
x-oss-meta-real-name: AMEX.svg
content-md5: dd0/4/xYX8Q8oGEpqh7Fvg==
x-oss-server-time: 22
ali-swift-global-savetime: 1670119820
via: cache5.l2de2[0,0,304-0,H], cache23.l2de2[0,0], cache3.se1[0,0,200-0,H], cache2.se1[0,0]
age: 3003
x-cache: HIT TCP_MEM_HIT dirn:1:406391694
x-swift-savetime: Sun, 04 Dec 2022 02:25:06 GMT
x-swift-cachetime: 3600
content-encoding: br
timing-allow-origin: *
eagleid: 2ff62c9616701228234256282e
X-Firefox-Spdy: h2
cc.chitubox.com/main-es2015.bec17842e18155af5593.js
47.246.44.209 200 OK 0 B URL HTTP/2 cc.chitubox.com/main-es2015.bec17842e18155af5593.js
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /main-es2015.bec17842e18155af5593.js HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:10:30 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: W/"6389995a-266701"
ali-swift-global-savetime: 1670119830
via: cache14.l2de2[0,0,304-0,H], cache20.l2de2[0,0], cache2.se1[88,89,200-0,H], cache5.se1[91,0]
age: 2989
x-cache: HIT TCP_REFRESH_HIT dirn:6:454108739
x-swift-savetime: Sun, 04 Dec 2022 03:00:19 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228198414237e
content-encoding: gzip
X-Firefox-Spdy: h2
manychat.com/pixel/logEvent
18.185.191.84 200 OK 0 B URL HTTP/2 manychat.com/pixel/logEvent
IP 18.185.191.84:0
POST /pixel/logEvent HTTP/1.1
Host: manychat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 408
Origin: https://cc.chitubox.com
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Sun, 04 Dec 2022 03:00:21 GMT
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
47.246.44.209 200 OK 0 B URL HTTP/2 cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: Tengine
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Sun, 04 Dec 2022 03:00:19 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: W/"6389995a-9ad"
ali-swift-global-savetime: 1670122819
via: cache4.l2de2[2746,2745,200-0,M], cache17.l2de2[2747,0], cache3.se1[4271,4271,200-0,M], cache5.se1[4274,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sun, 04 Dec 2022 03:00:19 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228154652260e
content-encoding: gzip
X-Firefox-Spdy: h2
cc.chitubox.com/polyfills-es2015.f955ee086c41edabf52d.js
47.246.44.209 200 OK 0 B URL HTTP/2 cc.chitubox.com/polyfills-es2015.f955ee086c41edabf52d.js
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /polyfills-es2015.f955ee086c41edabf52d.js HTTP/1.1
Host: cc.chitubox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/login?callback=https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v1.9.4&fileName=CHITUBOX64Install_V1.9.4.exe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
date: Sun, 04 Dec 2022 02:41:05 GMT
last-modified: Fri, 02 Dec 2022 06:21:14 GMT
etag: W/"6389995a-9081"
ali-swift-global-savetime: 1670121666
via: cache2.l2de2[0,0,304-0,H], cache1.l2de2[0,0], cache2.se1[23,24,200-0,H], cache5.se1[28,0]
age: 1153
x-cache: HIT TCP_REFRESH_HIT dirn:11:5565473
x-swift-savetime: Sun, 04 Dec 2022 03:00:19 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 2ff62c9916701228198414236e
content-encoding: gzip
X-Firefox-Spdy: h2
fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/unionpay.svg
47.246.44.209 200 OK 0 B URL HTTP/2 fis.cbd-3d.com//chitubox/chitubox/public/cms/csv/unionpay.svg
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
GET //chitubox/chitubox/public/cms/csv/unionpay.svg HTTP/1.1
Host: fis.cbd-3d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cc.chitubox.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/svg+xml
vary: Accept-Encoding
strict-transport-security: max-age=5184000
date: Sun, 04 Dec 2022 02:32:09 GMT
x-oss-request-id: 638C06A9647D973439A9E8C2
x-oss-cdn-auth: success
etag: W/"8A10AEFC7295216C338BA4E1224627A1"
last-modified: Fri, 02 Dec 2022 06:29:45 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 311633489719995761
x-oss-storage-class: Standard
x-oss-meta-real-name: unionpay.svg
content-md5: ihCu/HKVIWwzi6ThIkYnoQ==
x-oss-server-time: 18
ali-swift-global-savetime: 1670121129
via: cache12.l2de2[0,0,304-0,H], cache1.l2de2[1,0], cache7.se1[23,23,200-0,H], cache2.se1[25,0]
age: 1694
x-cache: HIT TCP_REFRESH_HIT dirn:3:426383623
x-swift-savetime: Sun, 04 Dec 2022 03:00:23 GMT
x-swift-cachetime: 3600
content-encoding: br
timing-allow-origin: *
eagleid: 2ff62c9616701228234326287e
X-Firefox-Spdy: h2