ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
66.29.146.46 301 Moved Permanently 707 B URL HTTP/1.1 ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
IP 66.29.146.46:0
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /fume-extra-vape-need-to-know-maintenance-tips/ HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 27 Nov 2022 18:00:51 GMT
server: LiteSpeed
location: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
x-turbo-charged-by: LiteSpeed
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7547
Expires: Sun, 27 Nov 2022 20:06:38 GMT
Date: Sun, 27 Nov 2022 18:00:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5815
Cache-Control: max-age=151637
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:00:51 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:08:08 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13164
Expires: Sun, 27 Nov 2022 21:40:15 GMT
Date: Sun, 27 Nov 2022 18:00:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 17:17:40 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2591
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SNPR/5sdFOn2p7M6Ct6+6oucckHVEkWwQZwpNrwCvHrMjq5ukDd/WdzvkAfkl+0oK4Mum0KOUzI=
x-amz-request-id: EBRBQ3JTQA6XS97M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 17:44:43 GMT
age: 968
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 17:11:12 GMT
cache-control: public,max-age=3600
age: 2979
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 99f33f9386740bd09ebe2266160d9071
c7f6851d9b83f7b9a45a58291908656d792f98c9
56a70d0f7562a70f53bca316985232cf28e602e918de7ee784d5add67d344470
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 20:32:09 GMT
Expires: Thu, 01 Dec 2022 20:32:08 GMT
Etag: "c7f6851d9b83f7b9a45a58291908656d792f98c9"
Cache-Control: max-age=354076,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770cc40aaa45fab4-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5546
Cache-Control: max-age=146306
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:00:52 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:39:18 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 275f0035de997821992b512cf1c41d0a
cd24fff9ab00012c1c23622ab1f86aaaf02da8c9
1a8dd40698e960be61c4284c14c9d7a30dc3fe89bbbbf60618e741688f9f0f4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3181
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:00:52 GMT
Last-Modified: Sun, 27 Nov 2022 17:07:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
push.services.mozilla.com/
35.161.230.192 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.230.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TSSmGWct4GQ8U5u91MuTqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: it++L5Q3XQrpXz3YFlwVUnDsL4A=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6618a3e9f3ab3591a04a0db9f656df37
98d475c6229eb538e3d4a0e461d1db626c81d04c
e509dd8b081ad01919210043de05f48e1ec1bf3823efd4d6c82b40d06f268afb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E509DD8B081AD01919210043DE05F48E1EC1BF3823EFD4D6C82B40D06F268AFB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=429
Expires: Sun, 27 Nov 2022 18:08:01 GMT
Date: Sun, 27 Nov 2022 18:00:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 275f0035de997821992b512cf1c41d0a
cd24fff9ab00012c1c23622ab1f86aaaf02da8c9
1a8dd40698e960be61c4284c14c9d7a30dc3fe89bbbbf60618e741688f9f0f4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3181
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:00:52 GMT
Last-Modified: Sun, 27 Nov 2022 17:07:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6618a3e9f3ab3591a04a0db9f656df37
98d475c6229eb538e3d4a0e461d1db626c81d04c
e509dd8b081ad01919210043de05f48e1ec1bf3823efd4d6c82b40d06f268afb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E509DD8B081AD01919210043DE05F48E1EC1BF3823EFD4D6C82B40D06F268AFB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=429
Expires: Sun, 27 Nov 2022 18:08:01 GMT
Date: Sun, 27 Nov 2022 18:00:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 275f0035de997821992b512cf1c41d0a
cd24fff9ab00012c1c23622ab1f86aaaf02da8c9
1a8dd40698e960be61c4284c14c9d7a30dc3fe89bbbbf60618e741688f9f0f4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3181
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:00:52 GMT
Last-Modified: Sun, 27 Nov 2022 17:07:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
ultahours.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
66.29.146.46 200 OK 12 kB URL HTTP/2 ultahours.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 66.29.146.46:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 21:33:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11616
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
66.29.146.46 200 OK 982 B URL HTTP/2 ultahours.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 66.29.146.46:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 24f4d7f425e792ab35adaab50816e54a
9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Sat, 08 Jun 2019 06:15:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 982
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
66.29.146.46 200 OK 2.4 kB URL HTTP/2 ultahours.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 66.29.146.46:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash ce94f62588d05264ac0148712111cb11
518bcd922f54169aeb199c0ccbc5877165ac218e
84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2394
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c6bd82985c4427ff7e474c5c7c71e73c
f9cc525520b0d571cd3f143806c8a5f1ee0166fc
cb027063ba1c1ffa08eef4faee1640fcd8ae3890c10d4295fb06c2c8b408de94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB027063BA1C1FFA08EEF4FAEE1640FCD8AE3890C10D4295FB06C2C8B408DE94"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3690
Expires: Sun, 27 Nov 2022 19:02:22 GMT
Date: Sun, 27 Nov 2022 18:00:52 GMT
Connection: keep-alive
ultahours.com/wp-content/themes/infinity-news/assets/lib/ionicons/css/ionicons.min.css?ver=6.1.1
66.29.146.46 200 OK 7.0 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/ionicons/css/ionicons.min.css?ver=6.1.1
IP 66.29.146.46:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (46127)
Hash bff8fed5f3729dcd6d809051d1587b26
493246e12d05519db3cf0c56c5849e4c45f36abb
ee761402e40579eb079976df6c4730cd81d478e88828bc3b6afbdc930ce11f0f
GET /wp-content/themes/infinity-news/assets/lib/ionicons/css/ionicons.min.css?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Wed, 27 Jul 2022 12:00:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7022
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/slick/css/slick.min.css?ver=6.1.1
66.29.146.46 200 OK 390 B URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/slick/css/slick.min.css?ver=6.1.1
IP 66.29.146.46:0
File type ASCII text, with very long lines (1297), with no line terminators
Hash 90d451e2b9d402cfd2e47ffbde3359e2
dec46a706d3beb7dc98ad70565760afc5d8a10a5
7452dc40c2fa32f9057e40c64bca650356d71b25b2b127631408e03d22a289fe
GET /wp-content/themes/infinity-news/assets/lib/slick/css/slick.min.css?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Mon, 14 Dec 2020 00:12:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 390
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/fonts/ce20112a080e0a4d8ce4e9f8912ea350.css?ver=1.3.8
66.29.146.46 200 OK 1.3 kB URL HTTP/2 ultahours.com/wp-content/fonts/ce20112a080e0a4d8ce4e9f8912ea350.css?ver=1.3.8
IP 66.29.146.46:0
Hash 0572d679fcacfc95552f8602240eb012
d2ddb52d7145036ea6702073f4a41c850ab4a1e9
a0273eb2ad3443c8e68c007235ee1355374b6e5747b05efda14ffeaf226abe97
GET /wp-content/fonts/ce20112a080e0a4d8ce4e9f8912ea350.css?ver=1.3.8 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Wed, 13 Apr 2022 08:04:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1273
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-includes/css/classic-themes.min.css?ver=1
66.29.146.46 200 OK 217 B URL HTTP/2 ultahours.com/wp-includes/css/classic-themes.min.css?ver=1
IP 66.29.146.46:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 09:33:38 GMT
accept-ranges: bytes
content-length: 217
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/magnific-popup/magnific-popup.css?ver=6.1.1
66.29.146.46 200 OK 1.7 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/magnific-popup/magnific-popup.css?ver=6.1.1
IP 66.29.146.46:0
Hash 03b0f3835745934343c47a2156262fe1
e99d28783482b3944d07ff3c68e18355c7887ff9
0ebf9903106fcf5bf718fa026aedb96decc0a48a7a9ec2e0dc1cad43119ad9ff
GET /wp-content/themes/infinity-news/assets/lib/magnific-popup/magnific-popup.css?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Wed, 27 Jul 2022 12:00:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1660
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/sidr/css/jquery.sidr.dark.css?ver=6.1.1
66.29.146.46 200 OK 489 B URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/sidr/css/jquery.sidr.dark.css?ver=6.1.1
IP 66.29.146.46:0
Hash b7b24002fb0f621c4fcb61c891e4f66b
9085371b46749386e42193176b1ec82f09cf5e92
76b7e60f921e463a38f64d34893a6cdd00b47549011d80b056128103f08e1be2
GET /wp-content/themes/infinity-news/assets/lib/sidr/css/jquery.sidr.dark.css?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Wed, 27 Jul 2022 12:00:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 489
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/aos/css/aos.css?ver=6.1.1
66.29.146.46 200 OK 1.5 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/aos/css/aos.css?ver=6.1.1
IP 66.29.146.46:0
File type ASCII text, with very long lines (26053), with no line terminators
Hash 5639e4329fc2bd97ef94f1260781166a
554d440071df8ed105686daa38d6417f098e1ffc
355f6c40fcb2d2e7d9dd9c63d0dd980c4344d7f4b45cf6f078df23be853ef0a9
GET /wp-content/themes/infinity-news/assets/lib/aos/css/aos.css?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Mon, 14 Dec 2020 00:12:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1539
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 8620cb50c13aa6595039feb6a940c719
87697510b8823d7312df41eaca3fd042a12bf96d
eda65270df7fee2cb4c1dcd7d5116c6e58918b7685ff2b2ef5e791c5b787a618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5496
Cache-Control: max-age=143381
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:00:52 GMT
Etag: "63831d71-117"
Expires: Tue, 29 Nov 2022 09:50:33 GMT
Last-Modified: Sun, 27 Nov 2022 08:18:57 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
tzegilo.com/stattag.js
172.67.194.45 200 OK 5.5 kB IP 172.67.194.45:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash 9309f9aad39d938d0048186a9094c54c
9521e2178783c035ca01a1c1408728a1fdf7018c
2da8ebea84b18b6491d8169fe658f45aa6fa315175b5b510f8807799e1fda5c7
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6297
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSytDJ11Qn4oW9ZM18ymQF7G2BCorl87BGRc3BGA%2BR5ypJD7zHm6uyPG3zf1b51MapuDZVjGzmosF4AGay4GFkL94EETuy3TJdaI5aXGXh6cvTBFtJoe7mhifOPRrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cc4117f97b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43dca8ebcf06bd09eb16b5516072ec48
84fe572e189c13383dc0a805a90c07de69c48ee6
be524e069364f1231ff9f6f8a5ca6ae8aa4353ba95fa7913c30c13ed008ab8fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE524E069364F1231FF9F6F8A5CA6AE8AA4353BA95FA7913C30C13ED008AB8FD"
Last-Modified: Sat, 26 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4014
Expires: Sun, 27 Nov 2022 19:07:46 GMT
Date: Sun, 27 Nov 2022 18:00:52 GMT
Connection: keep-alive
bedrapiona.com/5/5542892/?oo=1&js_build=iclick-v1.454.0
139.45.197.234 200 OK 1.4 kB URL HTTP/2 bedrapiona.com/5/5542892/?oo=1&js_build=iclick-v1.454.0
IP 139.45.197.234:0
Hash 358f56075c9a773d2d587c509b078710
90d123c39d46289a66500d410b53d701b4d5dc0b
64fffe347c12227e990cf93df1833a14fb55528be0449b91cb096b58363fb6ef
GET /5/5542892/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ultahours.com
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:52 GMT
content-type: application/json
x-trace-id: ab4429a7c5a0a038b1ba3dea87468eb4
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ultahours.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=d963e6ba606147eebc11fce780f7e529; expires=Mon, 27 Nov 2023 18:00:52 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1669572052; expires=Mon, 27 Nov 2023 18:00:52 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ultahours.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
66.29.146.46 200 OK 16 kB URL HTTP/2 ultahours.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
IP 66.29.146.46:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 689ebe98eda70de6e971dd03b18f0328
218ed8ee8e28b44f8492660c2c750f47ae0b3447
945844c773bb0f2ed5f1fb8d2f5ff8a4b9471860df265eda71fa679ff98ea80f
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 17:51:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 15569
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/04/cropped-cropped-TechT-b-e1636814845832-1.png
66.29.146.46 200 OK 14 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/04/cropped-cropped-TechT-b-e1636814845832-1.png
IP 66.29.146.46:0
File type PNG image data, 512 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 146f49e8d4a698fa42af90e217986155
fa6ecbaf7e1063b882300fbe4535cfeca6cd7815
5c114e7c2c171a032e831b4ebceb52c4f1f87ad8a7194f32458c0659382c602d
GET /wp-content/uploads/2022/04/cropped-cropped-TechT-b-e1636814845832-1.png HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: image/png
last-modified: Sun, 17 Apr 2022 07:52:54 GMT
accept-ranges: bytes
content-length: 14244
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/style.css?ver=6.1.1
66.29.146.46 200 OK 16 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/style.css?ver=6.1.1
IP 66.29.146.46:0
File type Unicode text, UTF-8 text, with very long lines (754)
Hash 31f39d014b63825a36bf93dc6f7f6bc5
97fb7331482fa254fe121cbd896b52ced48d5bfa
b236bacf1ed8afc277a451746167810662ad7fff2a85b4f1f92d5bee057020a8
GET /wp-content/themes/infinity-news/style.css?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 12:28:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 16126
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
66.29.146.46 200 OK 4.0 kB URL HTTP/2 ultahours.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 66.29.146.46:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3995
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/slick/js/slick.min.js?ver=6.1.1
66.29.146.46 200 OK 10 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/slick/js/slick.min.js?ver=6.1.1
IP 66.29.146.46:0
File type ASCII text, with very long lines (32076), with CRLF line terminators
Hash 8b3c8cf5bb0269cefda394392af4638d
9d84999107863a4eaab14b7e3e7a949dc896eb5d
1239b96fb3c9b57331e39d1bab711d06f1debfc33b2fdeb13b5fd455c011bb0c
GET /wp-content/themes/infinity-news/assets/lib/slick/js/slick.min.js?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Mon, 14 Dec 2020 00:12:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10112
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/default/js/skip-link-focus-fix.js?ver=20151215
66.29.146.46 200 OK 332 B URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/default/js/skip-link-focus-fix.js?ver=20151215
IP 66.29.146.46:0
Hash 0f7b58a8c17b892defb8c3595a119d07
c6f89bbe8565fbae58376323b67a8debf4316edb
a5b6916a01fce60f536309a5528ef2ad9ae4d8e90fce5b368882f919cc420074
GET /wp-content/themes/infinity-news/assets/lib/default/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 12:00:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 332
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash c910a44bf58b708c25d146fd52adb8e9
374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5
3cf34029e6a112320130d154ac1291e49bcb4a80f0caaf84309456986f0adc77
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:33:17 GMT
Expires: Fri, 02 Dec 2022 13:33:16 GMT
Etag: "374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5"
Cache-Control: max-age=415342,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770cc4127a69fab4-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71 200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1232
Origin: https://ultahours.com
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 27 Nov 2022 18:00:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ultahours.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ultahours.com/wp-content/themes/infinity-news/assets/lib/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1
66.29.146.46 200 OK 7.0 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1
IP 66.29.146.46:0
File type ASCII text, with very long lines (20087)
Hash f5e275bd34668dca4972a4cceccd7907
cba188e35681cd77cfcbd026aac16315747fab12
7874f3927ffd30d189723404d3fb9699e728955b083abeccc9a988890b4b2ede
GET /wp-content/themes/infinity-news/assets/lib/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 12:00:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7043
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/theiaStickySidebar/theia-sticky-sidebar.min.js?ver=6.1.1
66.29.146.46 200 OK 1.6 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/theiaStickySidebar/theia-sticky-sidebar.min.js?ver=6.1.1
IP 66.29.146.46:0
File type HTML document, ASCII text, with very long lines (5370)
Hash ac0418cf95536a79f55d2fbfcd2c78ed
29c608e1f396dc44447d70a13af717857a446858
e40bb720a7f039cb4526993c6dcb18fa51b1f9071963083f7db40222134db94f
GET /wp-content/themes/infinity-news/assets/lib/theiaStickySidebar/theia-sticky-sidebar.min.js?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 12:00:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1598
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
66.29.146.46 200 OK 30 kB URL HTTP/2 ultahours.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 66.29.146.46:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 09:33:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30324
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/04/cropped-TechT-b-e1636814845832.png
66.29.146.46 200 OK 14 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/04/cropped-TechT-b-e1636814845832.png
IP 66.29.146.46:0
File type PNG image data, 512 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 3179f7b917384960dd5df3acf457a120
b229c1332746cf5ba51bc484dd85918f93ef1793
d8ea53e6553eafaa0e673a9afb6cc41b38d768f8320b9e61c8251c2b511683f6
GET /wp-content/uploads/2022/04/cropped-TechT-b-e1636814845832.png HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: image/png
last-modified: Sun, 17 Apr 2022 07:51:16 GMT
accept-ranges: bytes
content-length: 14367
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/twp/js/ajax.js?ver=6.1.1
66.29.146.46 200 OK 508 B URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/twp/js/ajax.js?ver=6.1.1
IP 66.29.146.46:0
Hash b4b3a83b97199fe7ea4d325bd06d7e60
e7a3766c6fbffe3784eaba438cc878adbf3610bf
9a435f807be0f42ad28e2040d92c5f4cd3e3e2b3c7bbf97fe5f381fe9deb12c7
GET /wp-content/themes/infinity-news/assets/lib/twp/js/ajax.js?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 12:00:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 508
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/twp/js/script.js?ver=6.1.1
66.29.146.46 200 OK 3.3 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/twp/js/script.js?ver=6.1.1
IP 66.29.146.46:0
Hash f9465cf9d5f854a33d46eaf7c201e400
c8c012da4463251d93bdeb31fbbadbb804262ae9
8b4c5bcab33c58f1d4394c623f4c155ed8a1fff975c29d784e72fcae3a13dc01
GET /wp-content/themes/infinity-news/assets/lib/twp/js/script.js?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 12:28:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3255
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/aos/js/aos.js?ver=6.1.1
66.29.146.46 200 OK 4.2 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/aos/js/aos.js?ver=6.1.1
IP 66.29.146.46:0
File type ASCII text, with very long lines (14243), with no line terminators
Hash dd6aa9a8b1f40f7b18157e96d6fa51b3
9f4360e25aa690f10d5ee6eb940535191cfd79e6
5706e4eb2b6e3c323885db7ff8cb4db591991d4eb77c3d8d1db11419f8eea3db
GET /wp-content/themes/infinity-news/assets/lib/aos/js/aos.js?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Mon, 14 Dec 2020 00:12:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4224
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/sidr/js/jquery.sidr.min.js?ver=6.1.1
66.29.146.46 200 OK 2.5 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/sidr/js/jquery.sidr.min.js?ver=6.1.1
IP 66.29.146.46:0
File type ASCII text, with very long lines (6911)
Hash 56191a960e91bbebdbb9ce0d344fabbe
395aca9cd08dd9858395fadca0551b39587fd589
20ee80052cfc9681ff5f48b568e0655237aee2b7a70a2abcdd55ca32e10488b4
GET /wp-content/themes/infinity-news/assets/lib/sidr/js/jquery.sidr.min.js?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 12:00:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2463
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/jquery-match-height/js/jquery.matchHeight.min.js?ver=6.1.1
66.29.146.46 200 OK 2.8 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/jquery-match-height/js/jquery.matchHeight.min.js?ver=6.1.1
IP 66.29.146.46:0
Hash 4e21091d6314a61514349a355c585c7e
79b7c27ac7a575d50a08d8e5e8df9a65838cbfe5
90cbba5f730459fcfbf0773629319bc7658d974b2f4751040fb09c37f7e1608d
GET /wp-content/themes/infinity-news/assets/lib/jquery-match-height/js/jquery.matchHeight.min.js?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 12:00:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2843
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
66.29.146.46 200 OK 4.6 kB URL HTTP/2 ultahours.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 66.29.146.46:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:52 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 21:49:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4619
date: Sun, 27 Nov 2022 18:00:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3526a98e63a74776228cd65160da647e
6e81bb8d79e5d6b70e967ea6e21a54fc238b0ccc
ba9e629b537b565062d21195f3e99bd589f0ce9c815d69a1490d97ad31974f40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA9E629B537B565062D21195F3E99BD589F0CE9C815D69A1490D97AD31974F40"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15056
Expires: Sun, 27 Nov 2022 22:11:49 GMT
Date: Sun, 27 Nov 2022 18:00:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash edfdea84c823cedac82d72f35c163911
5b519c8aaaf4de1261ff11709da34f39428aa39a
d2b900f1dcda90417d369dae119a894c8dd4ba3a2a632914f348aa6df020e8a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2B900F1DCDA90417D369DAE119A894C8DD4BA3A2A632914F348AA6DF020E8A8"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6819
Expires: Sun, 27 Nov 2022 19:54:32 GMT
Date: Sun, 27 Nov 2022 18:00:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 39441102d05d0ccf7958cf4106ed4736
bccef58eac94c6d6fa0d0bb93af2ce9022e4da17
6e311fdb187f995362010ca45822bb7acee18b2d8ea2ff9f5580a2e8399f82ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E311FDB187F995362010CA45822BB7ACEE18B2D8EA2FF9F5580A2E8399F82BA"
Last-Modified: Sun, 27 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5967
Expires: Sun, 27 Nov 2022 19:40:20 GMT
Date: Sun, 27 Nov 2022 18:00:53 GMT
Connection: keep-alive
ultahours.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
66.29.146.46 200 OK 16 kB URL HTTP/2 ultahours.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 66.29.146.46:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash f00e7e4432f7c70d8c97efbe2c50d43b
d836c7d4bc52bcd67626b8960ae030ad315c2507
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
GET /wp-content/fonts/roboto/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ultahours.com/wp-content/fonts/ce20112a080e0a4d8ce4e9f8912ea350.css?ver=1.3.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: font/woff2
last-modified: Tue, 12 Apr 2022 09:53:35 GMT
accept-ranges: bytes
content-length: 15920
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=205467603&post=0&tz=0&srv=ultahours.com&j=1%3A11.5.1&host=ultahours.com&ref=&fcp=2371&rand=0.5376474746556152
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=205467603&post=0&tz=0&srv=ultahours.com&j=1%3A11.5.1&host=ultahours.com&ref=&fcp=2371&rand=0.5376474746556152
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=205467603&post=0&tz=0&srv=ultahours.com&j=1%3A11.5.1&host=ultahours.com&ref=&fcp=2371&rand=0.5376474746556152 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:53 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
ultahours.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
66.29.146.46 200 OK 16 kB URL HTTP/2 ultahours.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 66.29.146.46:0
File type Web Open Font Format (Version 2), TrueType, length 15732, version 1.0\012- data
Hash 80fe119e5efa3911b9d61b265f723b3d
34f751a1b1a0c1c0b5264b99f490e689db939657
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
GET /wp-content/fonts/roboto/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ultahours.com/wp-content/fonts/ce20112a080e0a4d8ce4e9f8912ea350.css?ver=1.3.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: font/woff2
last-modified: Tue, 12 Apr 2022 09:53:28 GMT
accept-ranges: bytes
content-length: 15732
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
arsnivyr.com/1?z=5542900
139.45.197.242 200 OK 7.3 kB IP 139.45.197.242:0
Hash b28bbf977b0f27dfa8600c149e170132
b0d59ec89c44a18806c7743f3d888699156584ff
8ff0d20a3385c819700107135741bf6eccd9c138e778d8e998f18b04a7359829
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5542900 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:52 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a50f89c1607b7989ab09727661e8021b
access-control-expose-headers: X-Sc
x-sc: 8KfWOmclC8PPZrp3Hdr8LqHALXhw5rWs9mg8RJSyVlQqero5_2a1I6dclbmbuzXmht7AIcJsUzuAM0xCuwwGguk59i0=
set-cookie: scm=1; expires=Mon, 27 Nov 2023 18:00:52 GMT; secure; SameSite=None
set-cookie: OAID=38c57bcd74d045348e467d7d5129b126; expires=Mon, 27 Nov 2023 18:00:52 GMT; secure; SameSite=None
set-cookie: oaidts=1669572052; expires=Mon, 27 Nov 2023 18:00:52 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10580
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 18:00:53 GMT
Connection: keep-alive
arsnivyr.com/1?z=5542886
139.45.197.242 200 OK 7.3 kB IP 139.45.197.242:0
Hash 0425a493565da87da6938d0397f42e90
afc8c5c2916150b88be69e3315209fff73cc28a1
19290cb1acde43b21ffaf1fb1d01e9925a696df4874cca6297d3068b0baf748c
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5542886 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:52 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 77a8fc42aee8fa4e392f25e0131f815b
access-control-expose-headers: X-Sc
x-sc: YFFhpp6KEdWZyXLX-yMNaxIrbQXg6BNyLuz2q2bKggayiufa-X3RDcbjFwuaMjCiDpSKRphx3oYFNBiJDjNvPzJ1Fu4=
set-cookie: scm=1; expires=Mon, 27 Nov 2023 18:00:52 GMT; secure; SameSite=None
set-cookie: OAID=779cfdd14cfd4841b84ba227dc8543f3; expires=Mon, 27 Nov 2023 18:00:52 GMT; secure; SameSite=None
set-cookie: oaidts=1669572052; expires=Mon, 27 Nov 2023 18:00:52 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10580
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 18:00:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10580
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 18:00:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K2eKLQhrsCdd4ASsfEibRuZAYW4CpPTlO3fZs7xdoKrw1HBxfTGkEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
age: 73119
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 116eb5028a206e55f758f3e34887c87e
10577d9fc19028a0e0303634ec16ad8b2d41fa7a
d5d0f5518f8346e78f00a57632efe36f3363cabfa9abb30b7bea60261b29910b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5103
x-amzn-requestid: 203eadee-9375-4290-ae0a-dd48e83df697
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFGzTE90oAMFTyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637eb814-2c32253b155d5dd0283fdd07;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:17:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7tHm0mthR9kBsxWjBYctLA-AicheWuIxgPLw0UJtI8QhOv1oW13C3A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 14:46:13 GMT
age: 11680
etag: "10577d9fc19028a0e0303634ec16ad8b2d41fa7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/2764.svg
192.0.77.48 200 OK 368 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/2764.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Hash 0483f2b648dcc986d01385062052ae1c
61bd815f1497863265a76d92623042835e5e7fe2
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
GET /images/core/emoji/14.0.0/svg/2764.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:53 GMT
content-type: image/svg+xml
content-length: 368
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
104.21.91.63 200 OK 34 kB IP 104.21.91.63:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 26e94d180e1558ba072bf2a7e5fc9316
9dbd0264cd992e6c98625270300fb0d2e22fc2ee
f60d7924238e30e97e491716da0b46d6b9e1cf102a7ac20973c0e265ac6d67d1
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:00:52 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: ee7f4fcb68086acc026e8144050782b2
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:05:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 28 Nov 2022 17:39:28 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 1284
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQqCYsEW0%2BYg6L5csb0DQTY%2FreXYHSrds71urIg%2FMIsmnK3ESHOHzn7mG0j3GvdaMMS6mz%2B2wEbDmN%2Fd%2BeW32XmHPI1gxxN4llCr9PV4qajyCFSRDWnFYNq8dbYoR%2BdD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cc40f9c91b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
age: 73119
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 73119
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y0ofyT6UcPjB8mfRR1VMjHSTW64Qb_EQ0rrjsOdbby1CG-xMIFJMPw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:49:19 GMT
age: 72694
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ultahours.com/wp-content/themes/infinity-news/assets/lib/ionicons/fonts/ionicons.woff2?v=4.5.5
66.29.146.46 200 OK 51 kB URL HTTP/2 ultahours.com/wp-content/themes/infinity-news/assets/lib/ionicons/fonts/ionicons.woff2?v=4.5.5
IP 66.29.146.46:0
File type Web Open Font Format (Version 2), TrueType, length 50556, version 1.0\012- data
Hash 96f1c901c087fb64019f7665f7f8aca6
60c9e10a709815148bf4a9b333a396692739cd5c
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
GET /wp-content/themes/infinity-news/assets/lib/ionicons/fonts/ionicons.woff2?v=4.5.5 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ultahours.com/wp-content/themes/infinity-news/assets/lib/ionicons/css/ionicons.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: font/woff2
last-modified: Mon, 14 Dec 2020 00:12:24 GMT
accept-ranges: bytes
content-length: 50556
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
bedrapiona.com/5/5425340/?oo=1&js_build=iclick-v1.454.0
139.45.197.234 200 OK 17 kB URL HTTP/2 bedrapiona.com/5/5425340/?oo=1&js_build=iclick-v1.454.0
IP 139.45.197.234:0
Hash 55d3772ab873aba6a38bbb1ad636187e
233d827355001e7dfe89ac2d66ff96f661b4f2dc
f5d1af4e4b4a89a65a0b7ab860d23b39b9f43bd01ff78a206a60f4d2fe1143e9
GET /5/5425340/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ultahours.com
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:52 GMT
content-type: application/json
x-trace-id: 79166db5f457ab7e7d607107babb3326
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ultahours.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=34833461a6b143cba942a0c856014447; expires=Mon, 27 Nov 2023 18:00:52 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1669572052; expires=Mon, 27 Nov 2023 18:00:52 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ultahours.com/wp-content/fonts/roboto/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
66.29.146.46 200 OK 18 kB URL HTTP/2 ultahours.com/wp-content/fonts/roboto/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
IP 66.29.146.46:0
File type Web Open Font Format (Version 2), TrueType, length 17484, version 1.0\012- data
Hash e4f11143c6bf4e4aa3c65df0dc2f0cb6
a35afbb7b7b2c5152c4032f8b2373f47056dfd06
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
GET /wp-content/fonts/roboto/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ultahours.com/wp-content/fonts/ce20112a080e0a4d8ce4e9f8912ea350.css?ver=1.3.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: font/woff2
last-modified: Tue, 12 Apr 2022 09:53:14 GMT
accept-ranges: bytes
content-length: 17484
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ibrapush.com/zone?pub=0&zone_id=5425339&is_mobile=false&domain=ultahours.com&var=&ymid=&var_3=
139.45.197.250 200 OK 664 B URL HTTP/2 ibrapush.com/zone?pub=0&zone_id=5425339&is_mobile=false&domain=ultahours.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 41ebaaccbec9555a5d67f03af80f12ff
63cfc9c5a8dd6dd22ca8ea380677565eceee20d2
3221f09badbbeaa3eb8f532a7ddc41633acf916a342fe8258f6acf21e51e3b15
GET /zone?pub=0&zone_id=5425339&is_mobile=false&domain=ultahours.com&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ultahours.com/
Origin: https://ultahours.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:53 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: 77da80cf9953e4750b529771c261a0c1
access-control-allow-origin: https://ultahours.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ultahours.com/wp-content/fonts/fira-sans/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
66.29.146.46 200 OK 24 kB URL HTTP/2 ultahours.com/wp-content/fonts/fira-sans/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
IP 66.29.146.46:0
File type Web Open Font Format (Version 2), TrueType, length 23600, version 1.0\012- data
Hash 96535c146ffa5386af6a241b26a3a6b4
23cd84c531d12b9ee5e2fa0d1dd7620f4d6cff57
5a993ab2e9326ab9a1d3f403acf8eed16029f1113c786bcfef3f5b529343ab81
GET /wp-content/fonts/fira-sans/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ultahours.com/wp-content/fonts/ce20112a080e0a4d8ce4e9f8912ea350.css?ver=1.3.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: font/woff2
last-modified: Tue, 12 Apr 2022 09:53:06 GMT
accept-ranges: bytes
content-length: 23600
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/fonts/fira-sans/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
66.29.146.46 200 OK 22 kB URL HTTP/2 ultahours.com/wp-content/fonts/fira-sans/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
IP 66.29.146.46:0
File type Web Open Font Format (Version 2), TrueType, length 22316, version 1.0\012- data
Hash d90c9f754a38229355a68e57d560ba62
f10075d6769df2ad5470c441eae3535c40d61acc
be8268fdf5d6791bc737102f1429ecd20a78d58e2a2cea7db1f614aecefc40fb
GET /wp-content/fonts/fira-sans/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2 HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ultahours.com/wp-content/fonts/ce20112a080e0a4d8ce4e9f8912ea350.css?ver=1.3.8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: font/woff2
last-modified: Tue, 12 Apr 2022 09:52:55 GMT
accept-ranges: bytes
content-length: 22316
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/08/images-38.jpg
66.29.146.46 200 OK 6.4 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/08/images-38.jpg
IP 66.29.146.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 297x170, components 3\012- data
Hash 1fa9f3b1dcf33211fc48b7ed53f18423
309d31af173c00d9cc6df2944b1420f65e0c5abe
8cccb63aadc2762a7f1d49fac8b9a85043618c0ee896e068b2342df9de855f65
GET /wp-content/uploads/2022/08/images-38.jpg HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: image/jpeg
last-modified: Wed, 17 Aug 2022 13:48:53 GMT
accept-ranges: bytes
content-length: 6389
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2021/11/December-Global-Holidays-300x169.jpg
66.29.146.46 200 OK 8.1 kB URL HTTP/2 ultahours.com/wp-content/uploads/2021/11/December-Global-Holidays-300x169.jpg
IP 66.29.146.46:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x169, components 3\012- data
Hash 002ff589905b9cf65c0755af874e5cb8
093d431d3d41aee79f3e2e8f47daa0970720dfce
adb092ffa52e2623c7cb7f427f376f5e5c6cf1463a9a703d27ffa05f37ecfce1
GET /wp-content/uploads/2021/11/December-Global-Holidays-300x169.jpg HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: image/jpeg
last-modified: Sun, 17 Apr 2022 07:39:57 GMT
accept-ranges: bytes
content-length: 8075
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
stats.wp.com/e-202247.js
192.0.76.3 200 OK 12 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash bf5215904c829bded4ec0501c32e3a5e
2bcde0cfd0fa553faef854a33ea4452d84ff9d77
b037b86b363c64b58b956f37b0ec7f9fedca82aa751b2408a1d06653dd6f3e21
GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:52 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/08/images-31.jpg
66.29.146.46 200 OK 11 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/08/images-31.jpg
IP 66.29.146.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 247x204, components 3\012- data
Hash f48512648c36c77fe890fc2acbfbafae
1411a6c5203aec0779cdd3a8d1bad001bd082642
246a1dda1e081ee9d61bfe098e6a51490a288b3ef4e00b4cf3f82ae2474e33b6
GET /wp-content/uploads/2022/08/images-31.jpg HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: image/jpeg
last-modified: Mon, 15 Aug 2022 13:39:20 GMT
accept-ranges: bytes
content-length: 11225
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/09/Bamboo-Lunch-Boxes-300x169.webp
66.29.146.46 200 OK 7.6 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/09/Bamboo-Lunch-Boxes-300x169.webp
IP 66.29.146.46:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x169, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8a93a80474808c39c3a4f60a236fa40b
1da2414eb2af507a6f8e303ed40af48dfd7f5ee1
10ae9f8077aad5f2db2135b170ee09c582b9bff707693773a545c01651cb3014
GET /wp-content/uploads/2022/09/Bamboo-Lunch-Boxes-300x169.webp HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: image/webp
last-modified: Sat, 10 Sep 2022 13:24:07 GMT
accept-ranges: bytes
content-length: 7642
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nanouwho.com/1?z=5425338
139.45.197.242 200 OK 27 kB IP 139.45.197.242:0
Hash 1c09f9205a8107a928f02c6c5c73c28f
b65af2773e92329fcc686e56b45196937e1742e5
97b2e7356bb7ca6e96df776fdb0e2ddbe86efd3eac87a199e2eef45cdf5d3e6a
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5425338 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:53 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 85028d0278e52d5e15b23579d2b69427
access-control-expose-headers: X-Sc
x-sc: 5DYj9pEjoXdxwnR_yjvdoAjKSTT6tir3aOxTggd6UF-jYeKfre2a8-NopCJJAEwJQXZM7HwV40knXbJhGAZtKvzwyFg=
set-cookie: scm=1; expires=Mon, 27 Nov 2023 18:00:53 GMT; secure; SameSite=None
OAID=438e582bdec248be85ca09fad5da7b56; expires=Mon, 27 Nov 2023 18:00:53 GMT; secure; SameSite=None
oaidts=1669572053; expires=Mon, 27 Nov 2023 18:00:53 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5542886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447
139.45.197.242 204 No Content 0 B URL HTTP/2 arsnivyr.com/9?z=5542886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5542886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ultahours.com/
Origin: https://ultahours.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 27 Nov 2022 18:00:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ultahours.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/universal.min.js?v=3.1.405
139.45.197.250 200 OK 34 kB URL HTTP/2 ibrapush.com/pfe/current/universal.min.js?v=3.1.405
IP 139.45.197.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 94a0282fa95d32134e9eefee3f7d3fd0
d4c14b5ecd267b0fd586ea4ecdcc30ef018296a9
07685d786f54a920bb1e2510c3a2e828b661b9079f6b7ee0f8261bca6a99506b
GET /pfe/current/universal.min.js?v=3.1.405 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ultahours.com/
Origin: https://ultahours.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:53 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-180b9"
access-control-allow-origin: https://ultahours.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/08/word-image-346-1-300x200.jpeg
66.29.146.46 200 OK 13 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/08/word-image-346-1-300x200.jpeg
IP 66.29.146.46:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x200, components 3\012- data
Hash b14f72314a8e57f92ad081ba82808e34
ef9ebe876290f36d141b591df9790a597a2f8965
4a87ded995dff29dc433918753386c59e0183979a3b16850bbcc3e0971afd48f
GET /wp-content/uploads/2022/08/word-image-346-1-300x200.jpeg HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: image/jpeg
last-modified: Fri, 26 Aug 2022 07:24:48 GMT
accept-ranges: bytes
content-length: 13351
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/08/The-MacBook-1-300x169.jpg
66.29.146.46 200 OK 14 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/08/The-MacBook-1-300x169.jpg
IP 66.29.146.46:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x169, components 3\012- data
Hash 4b0469d6d8f046418b9748123c909765
cd85244b187013dac2ae114d0da9fa8daf7b095e
f6470f06efc1b187a14b8209b681a1cb469d4d083a999a8136ef8d90af265fb4
GET /wp-content/uploads/2022/08/The-MacBook-1-300x169.jpg HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 11:33:34 GMT
accept-ranges: bytes
content-length: 14138
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/08/images-50.jpg
66.29.146.46 200 OK 15 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/08/images-50.jpg
IP 66.29.146.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 260x194, components 3\012- data
Hash dfb2599fd8d2391c3f4d089e7803295a
05c147f40b2e1f2cc1d77856dda3478eb6384e6f
d64a639f8e80eb79ffd14fb172085f71e0662b29f46deb29cde7ac1825fdc66e
GET /wp-content/uploads/2022/08/images-50.jpg HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: image/jpeg
last-modified: Mon, 22 Aug 2022 09:24:14 GMT
accept-ranges: bytes
content-length: 15204
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/08/images-47-300x160.jpg
66.29.146.46 200 OK 11 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/08/images-47-300x160.jpg
IP 66.29.146.46:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x160, components 3\012- data
Hash c4eaf2deaf9da6f4001e419bb5ede324
0dc0ca5335bfc8dfd973a9bf9577b66d05b543bf
d550cfffe0013319dba2ec97421a2451379167dcc1614542f5afc67f7d70a87b
GET /wp-content/uploads/2022/08/images-47-300x160.jpg HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: image/jpeg
last-modified: Sat, 20 Aug 2022 07:54:24 GMT
accept-ranges: bytes
content-length: 11159
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/08/images-41-300x160.jpg
66.29.146.46 200 OK 16 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/08/images-41-300x160.jpg
IP 66.29.146.46:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x160, components 3\012- data
Hash 3a36d9f486f4f5ef2a7cb6538054e09f
ebcd9c603db7839a846bbc0c797116558e3078bb
62da1b978f619c76b0c89cfe50febececf5ab8ac51dacaba7c929f4556187d25
GET /wp-content/uploads/2022/08/images-41-300x160.jpg HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: image/jpeg
last-modified: Thu, 18 Aug 2022 10:59:29 GMT
accept-ranges: bytes
content-length: 15730
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/08/download-39-300x160.jpg
66.29.146.46 200 OK 13 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/08/download-39-300x160.jpg
IP 66.29.146.46:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x160, components 3\012- data
Hash 71d97b9489ee0a24fb5d16113cdb6b16
69b0a0ddebdcd3fd79d7eee728290809887bd357
475a3201e78962eb0c715b29bad70ee37d84f4f0ea37d4cc1b88c4066c30cd9a
GET /wp-content/uploads/2022/08/download-39-300x160.jpg HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:53 GMT
content-type: image/jpeg
last-modified: Fri, 19 Aug 2022 11:12:06 GMT
accept-ranges: bytes
content-length: 12723
date: Sun, 27 Nov 2022 18:00:53 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nanouwho.com/9?z=5425338&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447
139.45.197.242 204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5425338&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5425338&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ultahours.com/
Origin: https://ultahours.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ultahours.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=156935901&z=5542886&b=15811603&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=4-9npUE7J__NJ8SY45CES2zHdaxV9uaSuyFbTYdKwenu00Wyq81392qaOLSrmpzjviSODFUvdanpPb26OKHY2LDFLr1l4IO4OQnH_YkKSWIWsR7cNT3s89-tqOIq88jJ0vZydvIIB6ascyS45L3Li5yr7V0-MF3D68zesnFthnWeTCNmaueulFH9fGjSVKVfFAg9C5UMy43UBDzkRgByyiR-NK-QBMxYjhAR5D58e9m55N3SmtreMnqQxtH5wuJ9f98tuaP4z4NUNq0mFf4fK8SSLUOu1lGhFKN6twXdAjdYYU9p-CRk3rbSUki0x9d_fLu8jgiTkj-luXUQE67kxv9PduP21JNkF-5uQgdzv8lmPdwIejqhs_v4hubDp7omwBqOfmlMjc7Vdg5n-m6OTmHntM7T0kzHhCXG5pNUgqkwA0Q5nFzvTp1jDFTfArtj8Bs-RW93sJ8kBnPf6FhcLTj430c_CnC6GC-ZKK1ijkSexSMHKbvqF56kgV4M9UbK1V8EMOUnnwXjDQXoWPLAPPDS5q6iO-k9uXvhYGDHFOCJibWIvoXDUbbrY525nmaMN7mowuGaI81SBITg3F1PqgLnsU9J2ENwaIPUXmeHuLZmh9p-E0SEm4ViODS71aoBt7kRZELakH4Bvuhzr5A4CPrVIGc3CCnYa5pJZJNhsDpqUj0C5yt-Fvks4WPR33mYWDy2UYkIor6pA7qX6Qc47cXfH8EbIRgI7Sq3QCLCI9MUiZr3sdCFHiCgBWl_itJ-nSwF0Z5ISLm5TfjkX4MY35vBgUnYH5CZhMGmnftzEwWVQq8IZE_6NTnGDns6MssWSd7BsxuBC-uWI4ro-zPZ5WETbmqJ07ytWg2L61x69wEILcmV3J9AQvK3W9dqoNEQ_bQia-O6-cD-rMzIXa6q-SxZdHyLZDee&ruid=bed6084b-61e9-4e5b-97e2-0fd0d57fc9bb&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=183
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=156935901&z=5542886&b=15811603&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=4-9npUE7J__NJ8SY45CES2zHdaxV9uaSuyFbTYdKwenu00Wyq81392qaOLSrmpzjviSODFUvdanpPb26OKHY2LDFLr1l4IO4OQnH_YkKSWIWsR7cNT3s89-tqOIq88jJ0vZydvIIB6ascyS45L3Li5yr7V0-MF3D68zesnFthnWeTCNmaueulFH9fGjSVKVfFAg9C5UMy43UBDzkRgByyiR-NK-QBMxYjhAR5D58e9m55N3SmtreMnqQxtH5wuJ9f98tuaP4z4NUNq0mFf4fK8SSLUOu1lGhFKN6twXdAjdYYU9p-CRk3rbSUki0x9d_fLu8jgiTkj-luXUQE67kxv9PduP21JNkF-5uQgdzv8lmPdwIejqhs_v4hubDp7omwBqOfmlMjc7Vdg5n-m6OTmHntM7T0kzHhCXG5pNUgqkwA0Q5nFzvTp1jDFTfArtj8Bs-RW93sJ8kBnPf6FhcLTj430c_CnC6GC-ZKK1ijkSexSMHKbvqF56kgV4M9UbK1V8EMOUnnwXjDQXoWPLAPPDS5q6iO-k9uXvhYGDHFOCJibWIvoXDUbbrY525nmaMN7mowuGaI81SBITg3F1PqgLnsU9J2ENwaIPUXmeHuLZmh9p-E0SEm4ViODS71aoBt7kRZELakH4Bvuhzr5A4CPrVIGc3CCnYa5pJZJNhsDpqUj0C5yt-Fvks4WPR33mYWDy2UYkIor6pA7qX6Qc47cXfH8EbIRgI7Sq3QCLCI9MUiZr3sdCFHiCgBWl_itJ-nSwF0Z5ISLm5TfjkX4MY35vBgUnYH5CZhMGmnftzEwWVQq8IZE_6NTnGDns6MssWSd7BsxuBC-uWI4ro-zPZ5WETbmqJ07ytWg2L61x69wEILcmV3J9AQvK3W9dqoNEQ_bQia-O6-cD-rMzIXa6q-SxZdHyLZDee&ruid=bed6084b-61e9-4e5b-97e2-0fd0d57fc9bb&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=183
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=156935901&z=5542886&b=15811603&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=4-9npUE7J__NJ8SY45CES2zHdaxV9uaSuyFbTYdKwenu00Wyq81392qaOLSrmpzjviSODFUvdanpPb26OKHY2LDFLr1l4IO4OQnH_YkKSWIWsR7cNT3s89-tqOIq88jJ0vZydvIIB6ascyS45L3Li5yr7V0-MF3D68zesnFthnWeTCNmaueulFH9fGjSVKVfFAg9C5UMy43UBDzkRgByyiR-NK-QBMxYjhAR5D58e9m55N3SmtreMnqQxtH5wuJ9f98tuaP4z4NUNq0mFf4fK8SSLUOu1lGhFKN6twXdAjdYYU9p-CRk3rbSUki0x9d_fLu8jgiTkj-luXUQE67kxv9PduP21JNkF-5uQgdzv8lmPdwIejqhs_v4hubDp7omwBqOfmlMjc7Vdg5n-m6OTmHntM7T0kzHhCXG5pNUgqkwA0Q5nFzvTp1jDFTfArtj8Bs-RW93sJ8kBnPf6FhcLTj430c_CnC6GC-ZKK1ijkSexSMHKbvqF56kgV4M9UbK1V8EMOUnnwXjDQXoWPLAPPDS5q6iO-k9uXvhYGDHFOCJibWIvoXDUbbrY525nmaMN7mowuGaI81SBITg3F1PqgLnsU9J2ENwaIPUXmeHuLZmh9p-E0SEm4ViODS71aoBt7kRZELakH4Bvuhzr5A4CPrVIGc3CCnYa5pJZJNhsDpqUj0C5yt-Fvks4WPR33mYWDy2UYkIor6pA7qX6Qc47cXfH8EbIRgI7Sq3QCLCI9MUiZr3sdCFHiCgBWl_itJ-nSwF0Z5ISLm5TfjkX4MY35vBgUnYH5CZhMGmnftzEwWVQq8IZE_6NTnGDns6MssWSd7BsxuBC-uWI4ro-zPZ5WETbmqJ07ytWg2L61x69wEILcmV3J9AQvK3W9dqoNEQ_bQia-O6-cD-rMzIXa6q-SxZdHyLZDee&ruid=bed6084b-61e9-4e5b-97e2-0fd0d57fc9bb&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=183 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ultahours.com
Connection: keep-alive
Referer: https://ultahours.com/
Cookie: scm=1; OAID=34833461a6b143cba942a0c856014447; oaidts=1669572052
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ultahours.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 170992feb8411bb25593a04c20a3ea75
access-control-expose-headers: X-Sc
set-cookie: OAID=34833461a6b143cba942a0c856014447; expires=Mon, 27 Nov 2023 18:00:54 GMT; secure; SameSite=None
oaidts=1669572052; expires=Mon, 27 Nov 2023 18:00:54 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=264837137&z=5542900&b=15811603&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=fdbnIC6Kychv-pnYJUrEjsIAhyIbvRMZQ8K7iPR-otel9X466uuBD8yDF8tYgVnsbF4pydacYajefb2SxGKnbygutWyO0v8bPcYV8JKvhFwMfilr8R_ZNuREo57HTYGCPCSa1_AiIlKAIXkc5FTwOd4TwJ3j0wOYx4BOtupGBSRCYVuQ6eLPGXtIUqmM-F-pWrO8gS9KEtdrjQbli18UNgJ5jkJUgtAb9J6BbeGavKWfGBxIq7kdln70OPa5Cp_fixAQ3Y8KJQw12Vl6aPR3OX4AheD_5WA8J5ERA4nnfE31yJIYjJk-M8A9rgwIlCpHJwy6Scd9d3PDkcPhk7DbM9KPtGiVfD_2sWjJwhSvbzujweZZKdMKu3OyTY-qOOM43Sma93NI4snXyxA_bTDwQul9pGLGlhGhEVrVjYIR7Xl4GiLhGuAWxVoJ1fy9DIUjq_SlW4oBLHmLtCK68G5lZM8dJ4dIIlfniFF6ovbRhd_VawQemk30rMPxaOnjJdkuiEyQnDTxP28H7JdFh3HlpFKNGsL50hQVoZZiKDtOP1SHj1zm5wWu1FzZ9ASYjQCOx6dOP_BcpECpNELU_yj97JPaOn-lVblAxHngvxosApyZRyB0uPxpFi_DoVrTirGsocRJFaKG1qlLNlKhuHWX-rs4kWrX19XF5VzPvhLohKWt5X9zFYfQo6V_rov9074izOnIx887-G5kHK__9khhE3_ji-c8o77oOm-DuXht1umTXJNTR_u3tBlEyQaiDS1Nvlo_Vg4iTOp2IblATEx2LqR3rEx5Jvo9iCU6fBt6OsgKw6XMTplUXOcut7TCsYQYnV8p8wv-gNVdGsPSOz_5xMsf1k5MYi1Q2YjF8w==&ruid=97506d89-d533-4360-b7c5-87f46d5edb22&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=141
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=264837137&z=5542900&b=15811603&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=fdbnIC6Kychv-pnYJUrEjsIAhyIbvRMZQ8K7iPR-otel9X466uuBD8yDF8tYgVnsbF4pydacYajefb2SxGKnbygutWyO0v8bPcYV8JKvhFwMfilr8R_ZNuREo57HTYGCPCSa1_AiIlKAIXkc5FTwOd4TwJ3j0wOYx4BOtupGBSRCYVuQ6eLPGXtIUqmM-F-pWrO8gS9KEtdrjQbli18UNgJ5jkJUgtAb9J6BbeGavKWfGBxIq7kdln70OPa5Cp_fixAQ3Y8KJQw12Vl6aPR3OX4AheD_5WA8J5ERA4nnfE31yJIYjJk-M8A9rgwIlCpHJwy6Scd9d3PDkcPhk7DbM9KPtGiVfD_2sWjJwhSvbzujweZZKdMKu3OyTY-qOOM43Sma93NI4snXyxA_bTDwQul9pGLGlhGhEVrVjYIR7Xl4GiLhGuAWxVoJ1fy9DIUjq_SlW4oBLHmLtCK68G5lZM8dJ4dIIlfniFF6ovbRhd_VawQemk30rMPxaOnjJdkuiEyQnDTxP28H7JdFh3HlpFKNGsL50hQVoZZiKDtOP1SHj1zm5wWu1FzZ9ASYjQCOx6dOP_BcpECpNELU_yj97JPaOn-lVblAxHngvxosApyZRyB0uPxpFi_DoVrTirGsocRJFaKG1qlLNlKhuHWX-rs4kWrX19XF5VzPvhLohKWt5X9zFYfQo6V_rov9074izOnIx887-G5kHK__9khhE3_ji-c8o77oOm-DuXht1umTXJNTR_u3tBlEyQaiDS1Nvlo_Vg4iTOp2IblATEx2LqR3rEx5Jvo9iCU6fBt6OsgKw6XMTplUXOcut7TCsYQYnV8p8wv-gNVdGsPSOz_5xMsf1k5MYi1Q2YjF8w==&ruid=97506d89-d533-4360-b7c5-87f46d5edb22&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=141
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=264837137&z=5542900&b=15811603&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=fdbnIC6Kychv-pnYJUrEjsIAhyIbvRMZQ8K7iPR-otel9X466uuBD8yDF8tYgVnsbF4pydacYajefb2SxGKnbygutWyO0v8bPcYV8JKvhFwMfilr8R_ZNuREo57HTYGCPCSa1_AiIlKAIXkc5FTwOd4TwJ3j0wOYx4BOtupGBSRCYVuQ6eLPGXtIUqmM-F-pWrO8gS9KEtdrjQbli18UNgJ5jkJUgtAb9J6BbeGavKWfGBxIq7kdln70OPa5Cp_fixAQ3Y8KJQw12Vl6aPR3OX4AheD_5WA8J5ERA4nnfE31yJIYjJk-M8A9rgwIlCpHJwy6Scd9d3PDkcPhk7DbM9KPtGiVfD_2sWjJwhSvbzujweZZKdMKu3OyTY-qOOM43Sma93NI4snXyxA_bTDwQul9pGLGlhGhEVrVjYIR7Xl4GiLhGuAWxVoJ1fy9DIUjq_SlW4oBLHmLtCK68G5lZM8dJ4dIIlfniFF6ovbRhd_VawQemk30rMPxaOnjJdkuiEyQnDTxP28H7JdFh3HlpFKNGsL50hQVoZZiKDtOP1SHj1zm5wWu1FzZ9ASYjQCOx6dOP_BcpECpNELU_yj97JPaOn-lVblAxHngvxosApyZRyB0uPxpFi_DoVrTirGsocRJFaKG1qlLNlKhuHWX-rs4kWrX19XF5VzPvhLohKWt5X9zFYfQo6V_rov9074izOnIx887-G5kHK__9khhE3_ji-c8o77oOm-DuXht1umTXJNTR_u3tBlEyQaiDS1Nvlo_Vg4iTOp2IblATEx2LqR3rEx5Jvo9iCU6fBt6OsgKw6XMTplUXOcut7TCsYQYnV8p8wv-gNVdGsPSOz_5xMsf1k5MYi1Q2YjF8w==&ruid=97506d89-d533-4360-b7c5-87f46d5edb22&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=141 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ultahours.com
Connection: keep-alive
Referer: https://ultahours.com/
Cookie: scm=1; OAID=34833461a6b143cba942a0c856014447; oaidts=1669572052
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ultahours.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 7291a5ffe3c195ed84fa611af316e025
access-control-expose-headers: X-Sc
set-cookie: OAID=34833461a6b143cba942a0c856014447; expires=Mon, 27 Nov 2023 18:00:54 GMT; secure; SameSite=None
oaidts=1669572052; expires=Mon, 27 Nov 2023 18:00:54 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/121?rnd=3998381154&z=5542886&b=15811603&c=6345548&var=&d=https%3A%2F%2Fnya.bz%2F&cln={CELL_NUMBER}&btp=7&rb=4-9npUE7J__NJ8SY45CES2zHdaxV9uaSuyFbTYdKwenu00Wyq81392qaOLSrmpzjviSODFUvdanpPb26OKHY2LDFLr1l4IO4OQnH_YkKSWIWsR7cNT3s89-tqOIq88jJ0vZydvIIB6ascyS45L3Li5yr7V0-MF3D68zesnFthnWeTCNmaueulFH9fGjSVKVfFAg9C5UMy43UBDzkRgByyiR-NK-QBMxYjhAR5D58e9m55N3SmtreMnqQxtH5wuJ9f98tuaP4z4NUNq0mFf4fK8SSLUOu1lGhFKN6twXdAjdYYU9p-CRk3rbSUki0x9d_fLu8jgiTkj-luXUQE67kxv9PduP21JNkF-5uQgdzv8lmPdwIejqhs_v4hubDp7omwBqOfmlMjc7Vdg5n-m6OTmHntM7T0kzHhCXG5pNUgqkwA0Q5nFzvTp1jDFTfArtj8Bs-RW93sJ8kBnPf6FhcLTj430c_CnC6GC-ZKK1ijkSexSMHKbvqF56kgV4M9UbK1V8EMOUnnwXjDQXoWPLAPPDS5q6iO-k9uXvhYGDHFOCJibWIvoXDUbbrY525nmaMN7mowuGaI81SBITg3F1PqgLnsU9J2ENwaIPUXmeHuLZmh9p-E0SEm4ViODS71aoBt7kRZELakH4Bvuhzr5A4CPrVIGc3CCnYa5pJZJNhsDpqUj0C5yt-Fvks4WPR33mYWDy2UYkIor6pA7qX6Qc47cXfH8EbIRgI7Sq3QCLCI9MUiZr3sdCFHiCgBWl_itJ-nSwF0Z5ISLm5TfjkX4MY35vBgUnYH5CZhMGmnftzEwWVQq8IZE_6NTnGDns6MssWSd7BsxuBC-uWI4ro-zPZ5WETbmqJ07ytWg2L61x69wEILcmV3J9AQvK3W9dqoNEQ_bQia-O6-cD-rMzIXa6q-SxZdHyLZDee&bag=Nr-w-j_u_4AWpTtM14CWpUe4Gbxjieqz&ruid=bed6084b-61e9-4e5b-97e2-0fd0d57fc9bb
139.45.197.242302 Found 0 B URL HTTP/2 arsnivyr.com/121?rnd=3998381154&z=5542886&b=15811603&c=6345548&var=&d=https%3A%2F%2Fnya.bz%2F&cln={CELL_NUMBER}&btp=7&rb=4-9npUE7J__NJ8SY45CES2zHdaxV9uaSuyFbTYdKwenu00Wyq81392qaOLSrmpzjviSODFUvdanpPb26OKHY2LDFLr1l4IO4OQnH_YkKSWIWsR7cNT3s89-tqOIq88jJ0vZydvIIB6ascyS45L3Li5yr7V0-MF3D68zesnFthnWeTCNmaueulFH9fGjSVKVfFAg9C5UMy43UBDzkRgByyiR-NK-QBMxYjhAR5D58e9m55N3SmtreMnqQxtH5wuJ9f98tuaP4z4NUNq0mFf4fK8SSLUOu1lGhFKN6twXdAjdYYU9p-CRk3rbSUki0x9d_fLu8jgiTkj-luXUQE67kxv9PduP21JNkF-5uQgdzv8lmPdwIejqhs_v4hubDp7omwBqOfmlMjc7Vdg5n-m6OTmHntM7T0kzHhCXG5pNUgqkwA0Q5nFzvTp1jDFTfArtj8Bs-RW93sJ8kBnPf6FhcLTj430c_CnC6GC-ZKK1ijkSexSMHKbvqF56kgV4M9UbK1V8EMOUnnwXjDQXoWPLAPPDS5q6iO-k9uXvhYGDHFOCJibWIvoXDUbbrY525nmaMN7mowuGaI81SBITg3F1PqgLnsU9J2ENwaIPUXmeHuLZmh9p-E0SEm4ViODS71aoBt7kRZELakH4Bvuhzr5A4CPrVIGc3CCnYa5pJZJNhsDpqUj0C5yt-Fvks4WPR33mYWDy2UYkIor6pA7qX6Qc47cXfH8EbIRgI7Sq3QCLCI9MUiZr3sdCFHiCgBWl_itJ-nSwF0Z5ISLm5TfjkX4MY35vBgUnYH5CZhMGmnftzEwWVQq8IZE_6NTnGDns6MssWSd7BsxuBC-uWI4ro-zPZ5WETbmqJ07ytWg2L61x69wEILcmV3J9AQvK3W9dqoNEQ_bQia-O6-cD-rMzIXa6q-SxZdHyLZDee&bag=Nr-w-j_u_4AWpTtM14CWpUe4Gbxjieqz&ruid=bed6084b-61e9-4e5b-97e2-0fd0d57fc9bb
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /121?rnd=3998381154&z=5542886&b=15811603&c=6345548&var=&d=https%3A%2F%2Fnya.bz%2F&cln={CELL_NUMBER}&btp=7&rb=4-9npUE7J__NJ8SY45CES2zHdaxV9uaSuyFbTYdKwenu00Wyq81392qaOLSrmpzjviSODFUvdanpPb26OKHY2LDFLr1l4IO4OQnH_YkKSWIWsR7cNT3s89-tqOIq88jJ0vZydvIIB6ascyS45L3Li5yr7V0-MF3D68zesnFthnWeTCNmaueulFH9fGjSVKVfFAg9C5UMy43UBDzkRgByyiR-NK-QBMxYjhAR5D58e9m55N3SmtreMnqQxtH5wuJ9f98tuaP4z4NUNq0mFf4fK8SSLUOu1lGhFKN6twXdAjdYYU9p-CRk3rbSUki0x9d_fLu8jgiTkj-luXUQE67kxv9PduP21JNkF-5uQgdzv8lmPdwIejqhs_v4hubDp7omwBqOfmlMjc7Vdg5n-m6OTmHntM7T0kzHhCXG5pNUgqkwA0Q5nFzvTp1jDFTfArtj8Bs-RW93sJ8kBnPf6FhcLTj430c_CnC6GC-ZKK1ijkSexSMHKbvqF56kgV4M9UbK1V8EMOUnnwXjDQXoWPLAPPDS5q6iO-k9uXvhYGDHFOCJibWIvoXDUbbrY525nmaMN7mowuGaI81SBITg3F1PqgLnsU9J2ENwaIPUXmeHuLZmh9p-E0SEm4ViODS71aoBt7kRZELakH4Bvuhzr5A4CPrVIGc3CCnYa5pJZJNhsDpqUj0C5yt-Fvks4WPR33mYWDy2UYkIor6pA7qX6Qc47cXfH8EbIRgI7Sq3QCLCI9MUiZr3sdCFHiCgBWl_itJ-nSwF0Z5ISLm5TfjkX4MY35vBgUnYH5CZhMGmnftzEwWVQq8IZE_6NTnGDns6MssWSd7BsxuBC-uWI4ro-zPZ5WETbmqJ07ytWg2L61x69wEILcmV3J9AQvK3W9dqoNEQ_bQia-O6-cD-rMzIXa6q-SxZdHyLZDee&bag=Nr-w-j_u_4AWpTtM14CWpUe4Gbxjieqz&ruid=bed6084b-61e9-4e5b-97e2-0fd0d57fc9bb HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=34833461a6b143cba942a0c856014447; oaidts=1669572052
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-length: 0
location: https://nya.bz/
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e7bc5ab04f4bc213474cc7cbf65b33db
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=156935901&z=5542886&b=15811603&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=4-9npUE7J__NJ8SY45CES2zHdaxV9uaSuyFbTYdKwenu00Wyq81392qaOLSrmpzjviSODFUvdanpPb26OKHY2LDFLr1l4IO4OQnH_YkKSWIWsR7cNT3s89-tqOIq88jJ0vZydvIIB6ascyS45L3Li5yr7V0-MF3D68zesnFthnWeTCNmaueulFH9fGjSVKVfFAg9C5UMy43UBDzkRgByyiR-NK-QBMxYjhAR5D58e9m55N3SmtreMnqQxtH5wuJ9f98tuaP4z4NUNq0mFf4fK8SSLUOu1lGhFKN6twXdAjdYYU9p-CRk3rbSUki0x9d_fLu8jgiTkj-luXUQE67kxv9PduP21JNkF-5uQgdzv8lmPdwIejqhs_v4hubDp7omwBqOfmlMjc7Vdg5n-m6OTmHntM7T0kzHhCXG5pNUgqkwA0Q5nFzvTp1jDFTfArtj8Bs-RW93sJ8kBnPf6FhcLTj430c_CnC6GC-ZKK1ijkSexSMHKbvqF56kgV4M9UbK1V8EMOUnnwXjDQXoWPLAPPDS5q6iO-k9uXvhYGDHFOCJibWIvoXDUbbrY525nmaMN7mowuGaI81SBITg3F1PqgLnsU9J2ENwaIPUXmeHuLZmh9p-E0SEm4ViODS71aoBt7kRZELakH4Bvuhzr5A4CPrVIGc3CCnYa5pJZJNhsDpqUj0C5yt-Fvks4WPR33mYWDy2UYkIor6pA7qX6Qc47cXfH8EbIRgI7Sq3QCLCI9MUiZr3sdCFHiCgBWl_itJ-nSwF0Z5ISLm5TfjkX4MY35vBgUnYH5CZhMGmnftzEwWVQq8IZE_6NTnGDns6MssWSd7BsxuBC-uWI4ro-zPZ5WETbmqJ07ytWg2L61x69wEILcmV3J9AQvK3W9dqoNEQ_bQia-O6-cD-rMzIXa6q-SxZdHyLZDee&ruid=bed6084b-61e9-4e5b-97e2-0fd0d57fc9bb&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=156935901&z=5542886&b=15811603&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=4-9npUE7J__NJ8SY45CES2zHdaxV9uaSuyFbTYdKwenu00Wyq81392qaOLSrmpzjviSODFUvdanpPb26OKHY2LDFLr1l4IO4OQnH_YkKSWIWsR7cNT3s89-tqOIq88jJ0vZydvIIB6ascyS45L3Li5yr7V0-MF3D68zesnFthnWeTCNmaueulFH9fGjSVKVfFAg9C5UMy43UBDzkRgByyiR-NK-QBMxYjhAR5D58e9m55N3SmtreMnqQxtH5wuJ9f98tuaP4z4NUNq0mFf4fK8SSLUOu1lGhFKN6twXdAjdYYU9p-CRk3rbSUki0x9d_fLu8jgiTkj-luXUQE67kxv9PduP21JNkF-5uQgdzv8lmPdwIejqhs_v4hubDp7omwBqOfmlMjc7Vdg5n-m6OTmHntM7T0kzHhCXG5pNUgqkwA0Q5nFzvTp1jDFTfArtj8Bs-RW93sJ8kBnPf6FhcLTj430c_CnC6GC-ZKK1ijkSexSMHKbvqF56kgV4M9UbK1V8EMOUnnwXjDQXoWPLAPPDS5q6iO-k9uXvhYGDHFOCJibWIvoXDUbbrY525nmaMN7mowuGaI81SBITg3F1PqgLnsU9J2ENwaIPUXmeHuLZmh9p-E0SEm4ViODS71aoBt7kRZELakH4Bvuhzr5A4CPrVIGc3CCnYa5pJZJNhsDpqUj0C5yt-Fvks4WPR33mYWDy2UYkIor6pA7qX6Qc47cXfH8EbIRgI7Sq3QCLCI9MUiZr3sdCFHiCgBWl_itJ-nSwF0Z5ISLm5TfjkX4MY35vBgUnYH5CZhMGmnftzEwWVQq8IZE_6NTnGDns6MssWSd7BsxuBC-uWI4ro-zPZ5WETbmqJ07ytWg2L61x69wEILcmV3J9AQvK3W9dqoNEQ_bQia-O6-cD-rMzIXa6q-SxZdHyLZDee&ruid=bed6084b-61e9-4e5b-97e2-0fd0d57fc9bb&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=156935901&z=5542886&b=15811603&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=4-9npUE7J__NJ8SY45CES2zHdaxV9uaSuyFbTYdKwenu00Wyq81392qaOLSrmpzjviSODFUvdanpPb26OKHY2LDFLr1l4IO4OQnH_YkKSWIWsR7cNT3s89-tqOIq88jJ0vZydvIIB6ascyS45L3Li5yr7V0-MF3D68zesnFthnWeTCNmaueulFH9fGjSVKVfFAg9C5UMy43UBDzkRgByyiR-NK-QBMxYjhAR5D58e9m55N3SmtreMnqQxtH5wuJ9f98tuaP4z4NUNq0mFf4fK8SSLUOu1lGhFKN6twXdAjdYYU9p-CRk3rbSUki0x9d_fLu8jgiTkj-luXUQE67kxv9PduP21JNkF-5uQgdzv8lmPdwIejqhs_v4hubDp7omwBqOfmlMjc7Vdg5n-m6OTmHntM7T0kzHhCXG5pNUgqkwA0Q5nFzvTp1jDFTfArtj8Bs-RW93sJ8kBnPf6FhcLTj430c_CnC6GC-ZKK1ijkSexSMHKbvqF56kgV4M9UbK1V8EMOUnnwXjDQXoWPLAPPDS5q6iO-k9uXvhYGDHFOCJibWIvoXDUbbrY525nmaMN7mowuGaI81SBITg3F1PqgLnsU9J2ENwaIPUXmeHuLZmh9p-E0SEm4ViODS71aoBt7kRZELakH4Bvuhzr5A4CPrVIGc3CCnYa5pJZJNhsDpqUj0C5yt-Fvks4WPR33mYWDy2UYkIor6pA7qX6Qc47cXfH8EbIRgI7Sq3QCLCI9MUiZr3sdCFHiCgBWl_itJ-nSwF0Z5ISLm5TfjkX4MY35vBgUnYH5CZhMGmnftzEwWVQq8IZE_6NTnGDns6MssWSd7BsxuBC-uWI4ro-zPZ5WETbmqJ07ytWg2L61x69wEILcmV3J9AQvK3W9dqoNEQ_bQia-O6-cD-rMzIXa6q-SxZdHyLZDee&ruid=bed6084b-61e9-4e5b-97e2-0fd0d57fc9bb&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ultahours.com
Connection: keep-alive
Referer: https://ultahours.com/
Cookie: scm=1; OAID=34833461a6b143cba942a0c856014447; oaidts=1669572052
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ultahours.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: fd3563c07d70c6e246471790e27030d3
access-control-expose-headers: X-Sc
set-cookie: OAID=34833461a6b143cba942a0c856014447; expires=Mon, 27 Nov 2023 18:00:54 GMT; secure; SameSite=None
oaidts=1669572052; expires=Mon, 27 Nov 2023 18:00:54 GMT; secure; SameSite=None
oaidvc=1; expires=Mon, 27 Nov 2023 18:00:54 GMT; secure; SameSite=None
CNT=1_v1_E0TxAAEAAAB7SwAA; expires=Sun, 27 Nov 2022 19:00:54 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/121?rnd=3601771584&z=5542900&b=15811603&c=6345548&var=&d=https%3A%2F%2Fnya.bz%2F&cln={CELL_NUMBER}&btp=7&rb=fdbnIC6Kychv-pnYJUrEjsIAhyIbvRMZQ8K7iPR-otel9X466uuBD8yDF8tYgVnsbF4pydacYajefb2SxGKnbygutWyO0v8bPcYV8JKvhFwMfilr8R_ZNuREo57HTYGCPCSa1_AiIlKAIXkc5FTwOd4TwJ3j0wOYx4BOtupGBSRCYVuQ6eLPGXtIUqmM-F-pWrO8gS9KEtdrjQbli18UNgJ5jkJUgtAb9J6BbeGavKWfGBxIq7kdln70OPa5Cp_fixAQ3Y8KJQw12Vl6aPR3OX4AheD_5WA8J5ERA4nnfE31yJIYjJk-M8A9rgwIlCpHJwy6Scd9d3PDkcPhk7DbM9KPtGiVfD_2sWjJwhSvbzujweZZKdMKu3OyTY-qOOM43Sma93NI4snXyxA_bTDwQul9pGLGlhGhEVrVjYIR7Xl4GiLhGuAWxVoJ1fy9DIUjq_SlW4oBLHmLtCK68G5lZM8dJ4dIIlfniFF6ovbRhd_VawQemk30rMPxaOnjJdkuiEyQnDTxP28H7JdFh3HlpFKNGsL50hQVoZZiKDtOP1SHj1zm5wWu1FzZ9ASYjQCOx6dOP_BcpECpNELU_yj97JPaOn-lVblAxHngvxosApyZRyB0uPxpFi_DoVrTirGsocRJFaKG1qlLNlKhuHWX-rs4kWrX19XF5VzPvhLohKWt5X9zFYfQo6V_rov9074izOnIx887-G5kHK__9khhE3_ji-c8o77oOm-DuXht1umTXJNTR_u3tBlEyQaiDS1Nvlo_Vg4iTOp2IblATEx2LqR3rEx5Jvo9iCU6fBt6OsgKw6XMTplUXOcut7TCsYQYnV8p8wv-gNVdGsPSOz_5xMsf1k5MYi1Q2YjF8w==&bag=AiAq6Hp8NXtu6KJ6trjPxrS6B1zn_fFG&ruid=97506d89-d533-4360-b7c5-87f46d5edb22
139.45.197.242302 Found 0 B URL HTTP/2 arsnivyr.com/121?rnd=3601771584&z=5542900&b=15811603&c=6345548&var=&d=https%3A%2F%2Fnya.bz%2F&cln={CELL_NUMBER}&btp=7&rb=fdbnIC6Kychv-pnYJUrEjsIAhyIbvRMZQ8K7iPR-otel9X466uuBD8yDF8tYgVnsbF4pydacYajefb2SxGKnbygutWyO0v8bPcYV8JKvhFwMfilr8R_ZNuREo57HTYGCPCSa1_AiIlKAIXkc5FTwOd4TwJ3j0wOYx4BOtupGBSRCYVuQ6eLPGXtIUqmM-F-pWrO8gS9KEtdrjQbli18UNgJ5jkJUgtAb9J6BbeGavKWfGBxIq7kdln70OPa5Cp_fixAQ3Y8KJQw12Vl6aPR3OX4AheD_5WA8J5ERA4nnfE31yJIYjJk-M8A9rgwIlCpHJwy6Scd9d3PDkcPhk7DbM9KPtGiVfD_2sWjJwhSvbzujweZZKdMKu3OyTY-qOOM43Sma93NI4snXyxA_bTDwQul9pGLGlhGhEVrVjYIR7Xl4GiLhGuAWxVoJ1fy9DIUjq_SlW4oBLHmLtCK68G5lZM8dJ4dIIlfniFF6ovbRhd_VawQemk30rMPxaOnjJdkuiEyQnDTxP28H7JdFh3HlpFKNGsL50hQVoZZiKDtOP1SHj1zm5wWu1FzZ9ASYjQCOx6dOP_BcpECpNELU_yj97JPaOn-lVblAxHngvxosApyZRyB0uPxpFi_DoVrTirGsocRJFaKG1qlLNlKhuHWX-rs4kWrX19XF5VzPvhLohKWt5X9zFYfQo6V_rov9074izOnIx887-G5kHK__9khhE3_ji-c8o77oOm-DuXht1umTXJNTR_u3tBlEyQaiDS1Nvlo_Vg4iTOp2IblATEx2LqR3rEx5Jvo9iCU6fBt6OsgKw6XMTplUXOcut7TCsYQYnV8p8wv-gNVdGsPSOz_5xMsf1k5MYi1Q2YjF8w==&bag=AiAq6Hp8NXtu6KJ6trjPxrS6B1zn_fFG&ruid=97506d89-d533-4360-b7c5-87f46d5edb22
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /121?rnd=3601771584&z=5542900&b=15811603&c=6345548&var=&d=https%3A%2F%2Fnya.bz%2F&cln={CELL_NUMBER}&btp=7&rb=fdbnIC6Kychv-pnYJUrEjsIAhyIbvRMZQ8K7iPR-otel9X466uuBD8yDF8tYgVnsbF4pydacYajefb2SxGKnbygutWyO0v8bPcYV8JKvhFwMfilr8R_ZNuREo57HTYGCPCSa1_AiIlKAIXkc5FTwOd4TwJ3j0wOYx4BOtupGBSRCYVuQ6eLPGXtIUqmM-F-pWrO8gS9KEtdrjQbli18UNgJ5jkJUgtAb9J6BbeGavKWfGBxIq7kdln70OPa5Cp_fixAQ3Y8KJQw12Vl6aPR3OX4AheD_5WA8J5ERA4nnfE31yJIYjJk-M8A9rgwIlCpHJwy6Scd9d3PDkcPhk7DbM9KPtGiVfD_2sWjJwhSvbzujweZZKdMKu3OyTY-qOOM43Sma93NI4snXyxA_bTDwQul9pGLGlhGhEVrVjYIR7Xl4GiLhGuAWxVoJ1fy9DIUjq_SlW4oBLHmLtCK68G5lZM8dJ4dIIlfniFF6ovbRhd_VawQemk30rMPxaOnjJdkuiEyQnDTxP28H7JdFh3HlpFKNGsL50hQVoZZiKDtOP1SHj1zm5wWu1FzZ9ASYjQCOx6dOP_BcpECpNELU_yj97JPaOn-lVblAxHngvxosApyZRyB0uPxpFi_DoVrTirGsocRJFaKG1qlLNlKhuHWX-rs4kWrX19XF5VzPvhLohKWt5X9zFYfQo6V_rov9074izOnIx887-G5kHK__9khhE3_ji-c8o77oOm-DuXht1umTXJNTR_u3tBlEyQaiDS1Nvlo_Vg4iTOp2IblATEx2LqR3rEx5Jvo9iCU6fBt6OsgKw6XMTplUXOcut7TCsYQYnV8p8wv-gNVdGsPSOz_5xMsf1k5MYi1Q2YjF8w==&bag=AiAq6Hp8NXtu6KJ6trjPxrS6B1zn_fFG&ruid=97506d89-d533-4360-b7c5-87f46d5edb22 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=34833461a6b143cba942a0c856014447; oaidts=1669572052
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-length: 0
location: https://nya.bz/
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a30b89c332121d66629f707043b05281
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5542886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447
139.45.197.242 200 OK 5.6 kB URL HTTP/2 arsnivyr.com/9?z=5542886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447
IP 139.45.197.242:0
File type JSON data\012- , ASCII text, with very long lines (12972), with no line terminators
Hash 9ebf4c733ec17fa2204f1dbd9b7b9bcd
6f26986123b3fb3db360db84bb722d06fab46a32
35137eaf83930f88ae872946e9abfb91023d2d9fd498a4663acdbc9064e4f603
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5542886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 70
Origin: https://ultahours.com
Connection: keep-alive
Referer: https://ultahours.com/
Cookie: scm=1; OAID=779cfdd14cfd4841b84ba227dc8543f3; oaidts=1669572052
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:53 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ultahours.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: fa000b0a6f3eeb6781a78b71c3a61bdf
access-control-expose-headers: X-Sc
set-cookie: OAID=34833461a6b143cba942a0c856014447; expires=Mon, 27 Nov 2023 18:00:53 GMT; secure; SameSite=None
oaidts=1669572052; expires=Mon, 27 Nov 2023 18:00:53 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=3449389284&z=5425338&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=JRL8-UupwjImv6ReHBk-rb0QHIdK_WQCrJktKDk2uQn6OkfvFtPKj7jAJP9n8sxGsE0_wWh-WT0hjV8yVgNMCqUeEGMkxORd0LW7gngTmVrtKNnPeKe8Q5gkRnfvdOTvLiOAC5oD8Sl6u2bkU6uy3BaFrDCqzvw6cOUCy0MEBZZZHvNRE50gpWjRjGDy2Egc9I6kbo0Ql5xXGPp_uaQ8DRCxYG-TdDCgOqOWg9lv-ZdI6jYi9FkCadbHdsJxEhhCZ8IK1dtqPjzeD9V16AD34U5RZY92E_fx7tQiNQH6jk9Dv1809UmwiTHv9n55DVxRSzqrJLvQ-Z4vOynu0W_GxPloTxIJqhVovrYT-WiZS9LZPcVCJEwNEkudfJfRejd6xhwsjM3tzsQNRiLw2svLZ_A_JixACxxkElhH5W6wqOQxzfpCi9ZwHmpvW4dGpO6PXIMmJrrMrXPZYN12muXfCLDz8_v4sCWVyHVLEhD5646lor_uWJ1PUemCkO7JNOilk-wdRN6k4GS47wh4MGeKgYth8YJLWHwKsqQUHTi2yqk4oDK7yoWRhQODvWVPZ-nqPnEBe_-q2R2GHylU6XBfpn_UrwrjcrzsnVFcGhicN1oSO1IdBXbPO-54qZM4gmxaccGUSS-B_33iApuz8WJpA3-8lB06W0fY3JUO7ttUFwL_NMjUOGfl4z3FzpAXGp_pUu1jx6yS9FIC3Uja&ruid=4108f6df-4a17-47d7-835d-90a184860cc8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=113
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=3449389284&z=5425338&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=JRL8-UupwjImv6ReHBk-rb0QHIdK_WQCrJktKDk2uQn6OkfvFtPKj7jAJP9n8sxGsE0_wWh-WT0hjV8yVgNMCqUeEGMkxORd0LW7gngTmVrtKNnPeKe8Q5gkRnfvdOTvLiOAC5oD8Sl6u2bkU6uy3BaFrDCqzvw6cOUCy0MEBZZZHvNRE50gpWjRjGDy2Egc9I6kbo0Ql5xXGPp_uaQ8DRCxYG-TdDCgOqOWg9lv-ZdI6jYi9FkCadbHdsJxEhhCZ8IK1dtqPjzeD9V16AD34U5RZY92E_fx7tQiNQH6jk9Dv1809UmwiTHv9n55DVxRSzqrJLvQ-Z4vOynu0W_GxPloTxIJqhVovrYT-WiZS9LZPcVCJEwNEkudfJfRejd6xhwsjM3tzsQNRiLw2svLZ_A_JixACxxkElhH5W6wqOQxzfpCi9ZwHmpvW4dGpO6PXIMmJrrMrXPZYN12muXfCLDz8_v4sCWVyHVLEhD5646lor_uWJ1PUemCkO7JNOilk-wdRN6k4GS47wh4MGeKgYth8YJLWHwKsqQUHTi2yqk4oDK7yoWRhQODvWVPZ-nqPnEBe_-q2R2GHylU6XBfpn_UrwrjcrzsnVFcGhicN1oSO1IdBXbPO-54qZM4gmxaccGUSS-B_33iApuz8WJpA3-8lB06W0fY3JUO7ttUFwL_NMjUOGfl4z3FzpAXGp_pUu1jx6yS9FIC3Uja&ruid=4108f6df-4a17-47d7-835d-90a184860cc8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=113
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=3449389284&z=5425338&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=JRL8-UupwjImv6ReHBk-rb0QHIdK_WQCrJktKDk2uQn6OkfvFtPKj7jAJP9n8sxGsE0_wWh-WT0hjV8yVgNMCqUeEGMkxORd0LW7gngTmVrtKNnPeKe8Q5gkRnfvdOTvLiOAC5oD8Sl6u2bkU6uy3BaFrDCqzvw6cOUCy0MEBZZZHvNRE50gpWjRjGDy2Egc9I6kbo0Ql5xXGPp_uaQ8DRCxYG-TdDCgOqOWg9lv-ZdI6jYi9FkCadbHdsJxEhhCZ8IK1dtqPjzeD9V16AD34U5RZY92E_fx7tQiNQH6jk9Dv1809UmwiTHv9n55DVxRSzqrJLvQ-Z4vOynu0W_GxPloTxIJqhVovrYT-WiZS9LZPcVCJEwNEkudfJfRejd6xhwsjM3tzsQNRiLw2svLZ_A_JixACxxkElhH5W6wqOQxzfpCi9ZwHmpvW4dGpO6PXIMmJrrMrXPZYN12muXfCLDz8_v4sCWVyHVLEhD5646lor_uWJ1PUemCkO7JNOilk-wdRN6k4GS47wh4MGeKgYth8YJLWHwKsqQUHTi2yqk4oDK7yoWRhQODvWVPZ-nqPnEBe_-q2R2GHylU6XBfpn_UrwrjcrzsnVFcGhicN1oSO1IdBXbPO-54qZM4gmxaccGUSS-B_33iApuz8WJpA3-8lB06W0fY3JUO7ttUFwL_NMjUOGfl4z3FzpAXGp_pUu1jx6yS9FIC3Uja&ruid=4108f6df-4a17-47d7-835d-90a184860cc8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=113 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ultahours.com
Connection: keep-alive
Referer: https://ultahours.com/
Cookie: scm=1; OAID=34833461a6b143cba942a0c856014447; oaidts=1669572053
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ultahours.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 96e836e9f55223d2c4b21ff5b21c56da
access-control-expose-headers: X-Sc
set-cookie: OAID=34833461a6b143cba942a0c856014447; expires=Mon, 27 Nov 2023 18:00:54 GMT; secure; SameSite=None
oaidts=1669572053; expires=Mon, 27 Nov 2023 18:00:54 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/121?rnd=3503147202&z=5425338&b=15484935&c=6264466&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=JRL8-UupwjImv6ReHBk-rb0QHIdK_WQCrJktKDk2uQn6OkfvFtPKj7jAJP9n8sxGsE0_wWh-WT0hjV8yVgNMCqUeEGMkxORd0LW7gngTmVrtKNnPeKe8Q5gkRnfvdOTvLiOAC5oD8Sl6u2bkU6uy3BaFrDCqzvw6cOUCy0MEBZZZHvNRE50gpWjRjGDy2Egc9I6kbo0Ql5xXGPp_uaQ8DRCxYG-TdDCgOqOWg9lv-ZdI6jYi9FkCadbHdsJxEhhCZ8IK1dtqPjzeD9V16AD34U5RZY92E_fx7tQiNQH6jk9Dv1809UmwiTHv9n55DVxRSzqrJLvQ-Z4vOynu0W_GxPloTxIJqhVovrYT-WiZS9LZPcVCJEwNEkudfJfRejd6xhwsjM3tzsQNRiLw2svLZ_A_JixACxxkElhH5W6wqOQxzfpCi9ZwHmpvW4dGpO6PXIMmJrrMrXPZYN12muXfCLDz8_v4sCWVyHVLEhD5646lor_uWJ1PUemCkO7JNOilk-wdRN6k4GS47wh4MGeKgYth8YJLWHwKsqQUHTi2yqk4oDK7yoWRhQODvWVPZ-nqPnEBe_-q2R2GHylU6XBfpn_UrwrjcrzsnVFcGhicN1oSO1IdBXbPO-54qZM4gmxaccGUSS-B_33iApuz8WJpA3-8lB06W0fY3JUO7ttUFwL_NMjUOGfl4z3FzpAXGp_pUu1jx6yS9FIC3Uja&bag=9gW--6XClFFYobHlU8PiKpI_4c99iPvS&ruid=4108f6df-4a17-47d7-835d-90a184860cc8
139.45.197.242302 Found 0 B URL HTTP/2 nanouwho.com/121?rnd=3503147202&z=5425338&b=15484935&c=6264466&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=JRL8-UupwjImv6ReHBk-rb0QHIdK_WQCrJktKDk2uQn6OkfvFtPKj7jAJP9n8sxGsE0_wWh-WT0hjV8yVgNMCqUeEGMkxORd0LW7gngTmVrtKNnPeKe8Q5gkRnfvdOTvLiOAC5oD8Sl6u2bkU6uy3BaFrDCqzvw6cOUCy0MEBZZZHvNRE50gpWjRjGDy2Egc9I6kbo0Ql5xXGPp_uaQ8DRCxYG-TdDCgOqOWg9lv-ZdI6jYi9FkCadbHdsJxEhhCZ8IK1dtqPjzeD9V16AD34U5RZY92E_fx7tQiNQH6jk9Dv1809UmwiTHv9n55DVxRSzqrJLvQ-Z4vOynu0W_GxPloTxIJqhVovrYT-WiZS9LZPcVCJEwNEkudfJfRejd6xhwsjM3tzsQNRiLw2svLZ_A_JixACxxkElhH5W6wqOQxzfpCi9ZwHmpvW4dGpO6PXIMmJrrMrXPZYN12muXfCLDz8_v4sCWVyHVLEhD5646lor_uWJ1PUemCkO7JNOilk-wdRN6k4GS47wh4MGeKgYth8YJLWHwKsqQUHTi2yqk4oDK7yoWRhQODvWVPZ-nqPnEBe_-q2R2GHylU6XBfpn_UrwrjcrzsnVFcGhicN1oSO1IdBXbPO-54qZM4gmxaccGUSS-B_33iApuz8WJpA3-8lB06W0fY3JUO7ttUFwL_NMjUOGfl4z3FzpAXGp_pUu1jx6yS9FIC3Uja&bag=9gW--6XClFFYobHlU8PiKpI_4c99iPvS&ruid=4108f6df-4a17-47d7-835d-90a184860cc8
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /121?rnd=3503147202&z=5425338&b=15484935&c=6264466&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=JRL8-UupwjImv6ReHBk-rb0QHIdK_WQCrJktKDk2uQn6OkfvFtPKj7jAJP9n8sxGsE0_wWh-WT0hjV8yVgNMCqUeEGMkxORd0LW7gngTmVrtKNnPeKe8Q5gkRnfvdOTvLiOAC5oD8Sl6u2bkU6uy3BaFrDCqzvw6cOUCy0MEBZZZHvNRE50gpWjRjGDy2Egc9I6kbo0Ql5xXGPp_uaQ8DRCxYG-TdDCgOqOWg9lv-ZdI6jYi9FkCadbHdsJxEhhCZ8IK1dtqPjzeD9V16AD34U5RZY92E_fx7tQiNQH6jk9Dv1809UmwiTHv9n55DVxRSzqrJLvQ-Z4vOynu0W_GxPloTxIJqhVovrYT-WiZS9LZPcVCJEwNEkudfJfRejd6xhwsjM3tzsQNRiLw2svLZ_A_JixACxxkElhH5W6wqOQxzfpCi9ZwHmpvW4dGpO6PXIMmJrrMrXPZYN12muXfCLDz8_v4sCWVyHVLEhD5646lor_uWJ1PUemCkO7JNOilk-wdRN6k4GS47wh4MGeKgYth8YJLWHwKsqQUHTi2yqk4oDK7yoWRhQODvWVPZ-nqPnEBe_-q2R2GHylU6XBfpn_UrwrjcrzsnVFcGhicN1oSO1IdBXbPO-54qZM4gmxaccGUSS-B_33iApuz8WJpA3-8lB06W0fY3JUO7ttUFwL_NMjUOGfl4z3FzpAXGp_pUu1jx6yS9FIC3Uja&bag=9gW--6XClFFYobHlU8PiKpI_4c99iPvS&ruid=4108f6df-4a17-47d7-835d-90a184860cc8 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=34833461a6b143cba942a0c856014447; oaidts=1669572053
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-length: 0
location: https://mediasama.com/starharem/01/s/index_rt.html
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 58cf67d2e3135d2aba1e699ced2c2c8f
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nya.bz/
91.209.70.200 200 OK 1.4 kB IP 91.209.70.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 341a560395e4b4b31e72d5d26a631405
d46f67dd73c06863accf1e439dafcba5f773114a
9cf2c973c4d55b93e324309372750eca96ac763848bd41c15a5f5526b57c01ec
GET / HTTP/1.1
Host: nya.bz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 1401
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 27 Nov 2022 18:00:47 GMT
content-security-policy: upgrade-insecure-requests;
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250 200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ultahours.com/
Origin: https://ultahours.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ultahours.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250 200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ultahours.com/
Origin: https://ultahours.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ultahours.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
nya.bz/
91.209.70.200 200 OK 1.4 kB IP 91.209.70.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 341a560395e4b4b31e72d5d26a631405
d46f67dd73c06863accf1e439dafcba5f773114a
9cf2c973c4d55b93e324309372750eca96ac763848bd41c15a5f5526b57c01ec
GET / HTTP/1.1
Host: nya.bz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 1401
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 27 Nov 2022 18:00:47 GMT
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ultahours.com/
Content-Type: application/json
Origin: https://ultahours.com
Content-Length: 409
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 004e12ef2bb97577cddcf45f5f8e734e
access-control-allow-origin: https://ultahours.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ultahours.com/
Content-Type: application/json
Origin: https://ultahours.com
Content-Length: 776
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a64202cbb4ffb1129f2b24b1cbdb0908
access-control-allow-origin: https://ultahours.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ny4.cc/wp-content/themes/keremiya1/font/gotham/gotham.css?ver=3.1.35
91.209.70.200 200 OK 206 B URL HTTP/2 ny4.cc/wp-content/themes/keremiya1/font/gotham/gotham.css?ver=3.1.35
IP 91.209.70.200:0
Hash 204f1acb4686ca3e184e9721db3b3b4c
4d44748d66ef938115a6168b3e63f2d5aa882ccd
5b5eff43a7d142bd9f0b174ecc943a7bd8b01a1f0db5307b7b77bf76c06e0e3b
GET /wp-content/themes/keremiya1/font/gotham/gotham.css?ver=3.1.35 HTTP/1.1
Host: ny4.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 00:00:47 GMT
content-type: text/css
last-modified: Mon, 12 Jul 2021 23:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 206
date: Sun, 27 Nov 2022 18:00:47 GMT
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ny4.cc/wp-content/themes/keremiya1/font/icon/keremiya.woff
91.209.70.200 200 OK 15 kB URL HTTP/2 ny4.cc/wp-content/themes/keremiya1/font/icon/keremiya.woff
IP 91.209.70.200:0
File type Web Open Font Format, TrueType, length 15192, version 1.0\012- data
Hash 133041967cb6c3d33d2046ed10e9ebdd
88f7416e17647b341d3d14e28682bf9eca749286
42d5bfeb71f4ed036f484d18ccaaa1e408ef36b4b81d65c9f81d8b1ae26ccd52
GET /wp-content/themes/keremiya1/font/icon/keremiya.woff HTTP/1.1
Host: ny4.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nya.bz
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 00:00:47 GMT
content-type: font/woff
last-modified: Mon, 12 Jul 2021 23:25:14 GMT
accept-ranges: bytes
content-length: 15192
date: Sun, 27 Nov 2022 18:00:47 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2
ny4.cc/wp-content/themes/keremiya1/font/gotham/GothamPro-Medium.woff2
91.209.70.200 200 OK 15 kB URL HTTP/2 ny4.cc/wp-content/themes/keremiya1/font/gotham/GothamPro-Medium.woff2
IP 91.209.70.200:0
File type Web Open Font Format (Version 2), TrueType, length 14980, version 1.0\012- data
Hash 020e7c2824fd0401c19628131f8052ef
6a026f0eb3afc186bf78944d811f50bcbb6d63a7
8629f78474c184fb377bdc250cf316f9e3a1961c3e08b8f24f613e9749c47aa3
GET /wp-content/themes/keremiya1/font/gotham/GothamPro-Medium.woff2 HTTP/1.1
Host: ny4.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nya.bz
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 00:00:47 GMT
content-type: font/woff2
last-modified: Mon, 12 Jul 2021 23:25:14 GMT
accept-ranges: bytes
content-length: 14980
date: Sun, 27 Nov 2022 18:00:47 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
X-Firefox-Spdy: h2
ny4.cc/wp-content/themes/keremiya1/font/gotham/GothamPro-Black.woff2
91.209.70.200 200 OK 15 kB URL HTTP/2 ny4.cc/wp-content/themes/keremiya1/font/gotham/GothamPro-Black.woff2
IP 91.209.70.200:0
File type Web Open Font Format (Version 2), TrueType, length 14660, version 1.0\012- data
Hash fcc8180f99082d9a0752698178ceddb7
027684bb643a9f2d9f8fb2153601481c00c9b9a6
f0d65cd7a3355087ac5f60e1ebada9da55eb50461037f5956f778fe5f8b0cf72
GET /wp-content/themes/keremiya1/font/gotham/GothamPro-Black.woff2 HTTP/1.1
Host: ny4.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nya.bz
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 00:00:47 GMT
content-type: font/woff2
last-modified: Mon, 12 Jul 2021 23:25:14 GMT
accept-ranges: bytes
content-length: 14660
date: Sun, 27 Nov 2022 18:00:47 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
X-Firefox-Spdy: h2
ny4.cc/wp-content/themes/keremiya1/images/play.svg
91.209.70.200 200 OK 299 B URL HTTP/2 ny4.cc/wp-content/themes/keremiya1/images/play.svg
IP 91.209.70.200:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash dde3a831bbfec1cd31ca643196d0dfd7
357b77c751f66bea79c5f718c356b16770f9b2ed
1a111e62a1692a06ea6f429201a6fd34510dea92317a5d9cbe114b2fb009eafe
GET /wp-content/themes/keremiya1/images/play.svg HTTP/1.1
Host: ny4.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 00:00:47 GMT
content-type: image/svg+xml
last-modified: Mon, 12 Jul 2021 23:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 299
date: Sun, 27 Nov 2022 18:00:47 GMT
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
ny4.cc/bg/desktop-small.jpg
91.209.70.200 200 OK 448 kB URL HTTP/2 ny4.cc/bg/desktop-small.jpg
IP 91.209.70.200:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 50", baseline, precision 8, 1366x2049, components 3\012- data
Size 448 kB (448254 bytes)
Hash c81be3f26ad3b28c2cc693472af7245e
ebf2e8aeb4e12cd8f06985d8ba9adce63f710084
df530c945d9b4f8884c7e884144e8d5392eca36c172f1c7e3efbcbb3dbc5906a
GET /bg/desktop-small.jpg HTTP/1.1
Host: ny4.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 00:00:47 GMT
content-type: image/jpeg
last-modified: Fri, 01 Jul 2022 17:06:33 GMT
accept-ranges: bytes
content-length: 448254
date: Sun, 27 Nov 2022 18:00:47 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
X-Firefox-Spdy: h2
betotodilea.com/500/5425337?excludes=&oaid=34833461a6b143cba942a0c856014447&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 16 kB URL HTTP/2 betotodilea.com/500/5425337?excludes=&oaid=34833461a6b143cba942a0c856014447&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash da3981ec2a2768ae66f594cef7a64670
4c74c70efc496c7acf0b8118d9ea1efd10a4d4cc
2eb6c3dac19e97703df33ef61e6fa42a782631adc3371104813145db0b7ac8ae
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5425337?excludes=&oaid=34833461a6b143cba942a0c856014447&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ultahours.com
Connection: keep-alive
Referer: https://ultahours.com/
Cookie: OAID=9c17a9d0bb694f68a26d9379ed294c87
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-type: application/javascript
x-trace-id: 80a44a9f2abcec21abf4b5cb60793eed
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ultahours.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=34833461a6b143cba942a0c856014447; expires=Mon, 27 Nov 2023 18:00:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5d8b7aacc7f6969b23d6effe8faf0b11
39b3f1730597d58651ec76dac2e05d9f98f17e22
d49f4d3e5884976f41b830d65d00325958f10ace1ab4082b0a2fe6f9c8e3a6c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D49F4D3E5884976F41B830D65D00325958F10ACE1AB4082B0A2FE6F9C8E3A6C0"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13085
Expires: Sun, 27 Nov 2022 21:38:59 GMT
Date: Sun, 27 Nov 2022 18:00:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 136edec26e2cb79a9a4b559b92ed1a4f
576eb101d653a9cdbfa6eca46daad576d886d9f2
44dd821b17b93f90c50b95fb7fe8c2eaa06849c522a2caca63c25d0a2042c8c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44DD821B17B93F90C50B95FB7FE8C2EAA06849C522A2CACA63C25D0A2042C8C5"
Last-Modified: Sat, 26 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15728
Expires: Sun, 27 Nov 2022 22:23:02 GMT
Date: Sun, 27 Nov 2022 18:00:54 GMT
Connection: keep-alive
ultahours.com/wp-content/uploads/2022/04/cropped-cropped-Ulta-Hours-Icon-192x192.png
66.29.146.46 200 OK 2.8 kB URL HTTP/2 ultahours.com/wp-content/uploads/2022/04/cropped-cropped-Ulta-Hours-Icon-192x192.png
IP 66.29.146.46:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e48e90e41c2a11fd95797fe525acee95
8378902709f72e8f6639f2a4311ab785eea03f23
a8a93351c53a5fed61f2a77ab587ed0df10dacf81946642731c49d6d902b956a
GET /wp-content/uploads/2022/04/cropped-cropped-Ulta-Hours-Icon-192x192.png HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:54 GMT
content-type: image/png
last-modified: Sun, 17 Apr 2022 07:53:16 GMT
accept-ranges: bytes
content-length: 2779
date: Sun, 27 Nov 2022 18:00:54 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ultahours.com/wp-content/uploads/2022/04/cropped-cropped-Ulta-Hours-Icon-32x32.png
66.29.146.46 200 OK 358 B URL HTTP/2 ultahours.com/wp-content/uploads/2022/04/cropped-cropped-Ulta-Hours-Icon-32x32.png
IP 66.29.146.46:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash d5727dd8e0d8a299260ba1e898e7ff8d
7d595998f775908706df296ef36400df08ccb352
09fb02a0371a4dc43efe086912e31d86f22b8c198a251700ac5f26a874a719d0
GET /wp-content/uploads/2022/04/cropped-cropped-Ulta-Hours-Icon-32x32.png HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 18:00:54 GMT
content-type: image/png
last-modified: Sun, 17 Apr 2022 07:53:16 GMT
accept-ranges: bytes
content-length: 358
date: Sun, 27 Nov 2022 18:00:54 GMT
server: LiteSpeed
vary: User-Agent
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
mediasama.com/starharem/01/s/index_rt.html
144.217.67.42 200 OK 1.5 kB URL HTTP/1.1 mediasama.com/starharem/01/s/index_rt.html
IP 144.217.67.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 30597b59f3cb1eadf603fcfb21952340
baca3a552764959edd4fc56947acc9a4f33822de
6ac92da5b37d94c53f231a18bb88be006ae20f1724a63151a97ed918d86cb25d
Analyzer Verdict Alert fortinet Phishing
GET /starharem/01/s/index_rt.html HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:54 GMT
Server: Apache
Last-Modified: Wed, 20 Jul 2022 09:11:51 GMT
ETag: "17a0-5e438fdce23c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1525
Content-Type: text/html
shown.io/metrics/R53alDAe02
52.186.64.46 200 OK 872 B URL HTTP/2 shown.io/metrics/R53alDAe02
IP 52.186.64.46:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1655)
Hash e4fbf387838aaa3dfa14daab8b25a5c7
28809392f65eeaa3c9b468bb66955b8425258d3a
50403b066f32b87ad6683786f1328115882c01af3f209a461e9a74fa37c3765d
GET /metrics/R53alDAe02 HTTP/1.1
Host: shown.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Upgrade-Insecure-Requests
cache-control: no-cache, private
content-encoding: gzip
content-type: application/x-javascript
date: Sun, 27 Nov 2022 18:00:54 GMT
feature-policy: none
referrer-policy: same-origin
server: Apache/2.4.52 (Ubuntu)
set-cookie: XSRF-TOKEN=eyJpdiI6IlN4YUFMZTgzbmxxTEtWWnZRV2hzYVE9PSIsInZhbHVlIjoidWlkYUIxZ0w0ZlAwcFVVWVNxMWJpVWczWDNsdmdzSFZnV3gvUnYwNld5TVRJTUpIRGxseFhTOWVKS0FyNDVxWDNqVW5DZXZmclNnNHAxVUNUQTVJSXgzbVUrS2VFM2hRN3k1eXRkRDZ2dCtxZ0owcFEwTmRPM080eDJVM054VlEiLCJtYWMiOiJlOGU3ODNjYmJlNWM1ZTVjNzRjOGEzYzk3MGJmMjk5NGI3OWZmYjJhMDUwNmRiN2RlZjQ5YmNiZjUwOGNiZDM3IiwidGFnIjoiIn0%3D; expires=Fri, 04-Aug-2023 18:00:54 GMT; Max-Age=21600000; path=/
shown_session=eyJpdiI6InNJVklBdm9zbmVTaDcvd0M5OGx6UGc9PSIsInZhbHVlIjoiWlpGd2RYTWNScXVWTHJDSGIyTHlPVFg1RFJUNElkVlROMTY1RXR3S00yMVRNclRhU05tTmJFM0thYmdKb2M1UEpjMjVXYTlMT3J6eXhVZThIUFQ1ZkNDbUNHYUgwL0JXYUFiclFZSW1PTGFRd1lZNXE2ZWttTTJ3UitTUjlHL0giLCJtYWMiOiI4ZjU2MzM1ODQ5OTIwNTlhY2EyYWI1NWYwNWRmZGZhODg3YjY0NzY4N2YxODVlZjI1ODMyNzUyOTY5ODc1N2I0IiwidGFnIjoiIn0%3D; expires=Fri, 04-Aug-2023 18:00:54 GMT; Max-Age=21600000; path=/; httponly
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-id: b6ce2f20-8979-49f5-b45d-af5e49fa6bc3
x-xss-protection: 1; mode=block
content-length: 872
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.42 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 06:32:03 GMT
expires: Thu, 23 Nov 2023 06:32:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 386931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mediasama.com/starharem/01/s/styles.css
144.217.67.42 200 OK 2.4 kB URL HTTP/1.1 mediasama.com/starharem/01/s/styles.css
IP 144.217.67.42:0
File type ASCII text, with very long lines (420)
Hash 8e7117f5f47cb6cde0a8e8eb38b16dbb
617fd3f0d3f420ee1967a20fb0b0af4ac34eca03
794f8aa66b6afcf9b7d9bfe5952860436dcfee6bf82e4368af6bc838ce89be98
GET /starharem/01/s/styles.css HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:55 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:29 GMT
ETag: "2638-5dc0be6400e82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2406
Content-Type: text/css
shown.io/metrics/R53alDAe02
52.186.64.46 200 OK 872 B URL HTTP/2 shown.io/metrics/R53alDAe02
IP 52.186.64.46:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1655)
Hash e4fbf387838aaa3dfa14daab8b25a5c7
28809392f65eeaa3c9b468bb66955b8425258d3a
50403b066f32b87ad6683786f1328115882c01af3f209a461e9a74fa37c3765d
GET /metrics/R53alDAe02 HTTP/1.1
Host: shown.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: Upgrade-Insecure-Requests
cache-control: no-cache, private
content-encoding: gzip
content-type: application/x-javascript
date: Sun, 27 Nov 2022 18:00:55 GMT
feature-policy: none
referrer-policy: same-origin
server: Apache/2.4.52 (Ubuntu)
set-cookie: XSRF-TOKEN=eyJpdiI6IlhWS2d5alFBL0NCRnAxK1pkbnhGYlE9PSIsInZhbHVlIjoiZEhHNDFtSmZPcEVmQ1ljcENqTVQ3WStmN1ZLR2M3SXU1MUlwLzI3RnB0a0c4SnZGcldqdlN1UDZaOWZqcFR4UmVwRGZySlVsVyt5eExIM0tXTUVKWlVqTXpneHJUSGJ2bzZ5N0YvYUNqb0tCbE51RHZXclhZc3NlZVhsNTRJT2IiLCJtYWMiOiIwZmMyYTliMTYzNTljOGE0YTUxOTJiMWY3MzM1ZDQ3OGNhZWQ1ZWNlZTE2MzEyNjcxNGI3MWFhNDA4ZDM1NmVjIiwidGFnIjoiIn0%3D; expires=Fri, 04-Aug-2023 18:00:55 GMT; Max-Age=21600000; path=/
shown_session=eyJpdiI6InZMLzJXaVcvcHR6djRMOXEwME1taVE9PSIsInZhbHVlIjoiYXg4TWFaMTFWQnpXMTdjQWlCV0E0U2QwL1RZeEl6WElMUlA3RHhHekhqVXhoWTBMQzhSKzhRY2trVmNMS1l1SHJNYk9hY0VFN1M3QzFpMHppL3E2dUxBZ0hNSWpUWWRwSS95NWxiTDR3WXQ2aHdkT3RKQkEvSVRKZGRIS1UxZzUiLCJtYWMiOiI5YjBhZmY2MDA0OGZmMDVhMjM3Mzg2ZmI0NmQyNTM2MzFmMjU3NDA5YWU3Njg5NDJjYThhMzY4MmNhM2UzOTM0IiwidGFnIjoiIn0%3D; expires=Fri, 04-Aug-2023 18:00:55 GMT; Max-Age=21600000; path=/; httponly
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-id: 2474e7ab-f817-4b3c-ab88-67c392199bff
x-xss-protection: 1; mode=block
content-length: 872
X-Firefox-Spdy: h2
mediasama.com/starharem/01/s/js/main.js
144.217.67.42 200 OK 549 B URL HTTP/1.1 mediasama.com/starharem/01/s/js/main.js
IP 144.217.67.42:0
Hash d8fa8e233a4db9fbce0c20d9a57a06fe
2366b2969771aa164bfdca6b5baf916806f6758a
f496e19ead804367daa801860cd95a7ec6854965a7c5cf2c49dda71532c19932
Analyzer Verdict Alert fortinet Phishing
GET /starharem/01/s/js/main.js HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:55 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:50 GMT
ETag: "516-5dc0be78000b5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 549
Content-Type: application/javascript
mediasama.com/starharem/01/s/audio/btn_1.mp3
144.217.67.42 206 Partial Content 20 kB URL HTTP/1.1 mediasama.com/starharem/01/s/audio/btn_1.mp3
IP 144.217.67.42:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Hash d857acaef2cdf5ec88ea6128c1ceb7b3
5f67419243f34232a4da8cb1a1eaecfc192ff1a7
df83bc888086ae84b5d532a39023b0db17e8f3ccd3ffdcd6f35c8d4f39558d24
Analyzer Verdict Alert fortinet Phishing
GET /starharem/01/s/audio/btn_1.mp3 HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Sun, 27 Nov 2022 18:00:55 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:31 GMT
ETag: "4f61-5dc0be65fcb81"
Accept-Ranges: bytes
Content-Length: 20321
Content-Range: bytes 0-20320/20321
Content-Type: audio/mpeg
mediasama.com/starharem/01/s/img/2.jpg
144.217.67.42 200 OK 369 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/2.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 369 kB (369239 bytes)
Hash b7d3bd4ae3d5f8477e040e6410517866
2b255c9583c47e5da4069d9c055d3430a0c1e03a
7bb68d5a9a92a500956397e156beb117a0ef605b6747800cacf9c9440b6fc7e4
GET /starharem/01/s/img/2.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:55 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5a257-5dc622e1424eb"
Accept-Ranges: bytes
Content-Length: 369239
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/4.jpg
144.217.67.42 200 OK 325 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/4.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 325 kB (325446 bytes)
Hash ec18d276822ab5772f3458da7dbedfbc
f7a38f944aaba3e6b848f496bf4b8fee50b58161
da6b7082767f0ddffbec031c7f84b859c7a1f20624445bb26aa93895b75d7c09
GET /starharem/01/s/img/4.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:55 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "4f746-5dc622e2da82e"
Accept-Ranges: bytes
Content-Length: 325446
Content-Type: image/jpeg
fonts.googleapis.com/css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap
142.250.74.10 200 OK 398 kB URL HTTP/2 fonts.googleapis.com/css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap
IP 142.250.74.10:0
Size 398 kB (397761 bytes)
Hash 426e688f4ccc94a0ca7dd86b65a807de
b20226ad01f832724a09b3fb5ad720c7555379e6
5e28f31192ed17c9bcd62fb9d2bfc14d306886c1a0b463c1007015d54d459ce6
GET /css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 18:00:55 GMT
date: Sun, 27 Nov 2022 18:00:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mediasama.com/starharem/01/s/img/3.jpg
144.217.67.42 200 OK 375 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/3.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 375 kB (375159 bytes)
Hash 84c5f704120f28ad7bcde2ebab7442a0
fd2745300ba7ad59ff8044c7e9f76b1326ddd120
6227de9cf2198a85639d3808c134b85dc1e6a5ee5ee5709189c5e58d1b91b7c2
GET /starharem/01/s/img/3.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:55 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5b977-5dc622e17edac"
Accept-Ranges: bytes
Content-Length: 375159
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/10.jpg
144.217.67.42 200 OK 237 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/10.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 237 kB (236974 bytes)
Hash e0046cc1f34ff0701ec4874a0a8c5d43
c6a46db14dfc50d67307a9855f4dd2688d576a01
8589d73053f4bb258d888488403564bdcc94fb2d87c7388f943bf06fb85865a1
GET /starharem/01/s/img/10.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:56 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "39dae-5dc622df755e8"
Accept-Ranges: bytes
Content-Length: 236974
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/5.jpg
144.217.67.42 200 OK 461 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/5.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 461 kB (461412 bytes)
Hash 42ad3cffde2e4081df94ded8a30a1dc5
7b064f0fcb96e5b5c498c0c03bcbb9ab15e999b0
be788428faee6157125228734e5510d4f49212766eff23a1a1b178e456f153d1
GET /starharem/01/s/img/5.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:55 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "70a64-5dc622e35f52f"
Accept-Ranges: bytes
Content-Length: 461412
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/6.jpg
144.217.67.42 200 OK 261 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/6.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 261 kB (261364 bytes)
Hash 4b7cf78d93f3f009f850bedb6829d7f6
cc55cad898df47a2f089946aee9398fea7fa2ae6
44d0a6f8e7f7fe0354c05417445137070431686d671c51e9f3d3869867f2448f
GET /starharem/01/s/img/6.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:56 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:44 GMT
ETag: "3fcf4-5dc622e471bd1"
Accept-Ranges: bytes
Content-Length: 261364
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/8.jpg
144.217.67.42 200 OK 682 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/8.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-3584, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 211035008.000000\012- data
Size 682 kB (682050 bytes)
Hash cedcd46e956dee6a28f87198962b0477
7b38f1de654971e436983fb6a34a71540ba526c9
08c08ef6f1ed9da65259719bbcc97e9aec700d3b486a9f0a741cb5800be34db5
GET /starharem/01/s/img/8.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:56 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "a6842-5dc622e757ed6"
Accept-Ranges: bytes
Content-Length: 682050
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/7.jpg
144.217.67.42 200 OK 327 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/7.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 327 kB (326553 bytes)
Hash c67c9fb0268eea7d188c4c9bc54a0bf4
216b83374ba6f011041b31dd381f22e99ea7a8c1
95ae6eba3fad2ff05cadc95b27fc79a198a9e873371ab5fb7bb97c1661cd4654
GET /starharem/01/s/img/7.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:56 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:45 GMT
ETag: "4fb99-5dc622e5033f2"
Accept-Ranges: bytes
Content-Length: 326553
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/9.jpg
144.217.67.42 200 OK 342 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/9.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 342 kB (341673 bytes)
Hash a3a888cf217de9be2aa727dd1cc64757
b7bd361dfdceecfc5775d0ed32e5798abd271d5e
2fd4025336ad8a5edd704651a216cf6b9739089ad1c204bd1ea8e114d11770b9
GET /starharem/01/s/img/9.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:56 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "536a9-5dc622e6fb276"
Accept-Ranges: bytes
Content-Length: 341673
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/11.jpg
144.217.67.42 200 OK 403 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/11.jpg
IP 144.217.67.42:0
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size 403 kB (402740 bytes)
Hash c10654a068f849e614885c983ac9ab02
8d69da78045560f1c2de7bafc47b2c8a12e86424
3a864743d27da3ef1cea10d293532f84f9d564a98b34afef2a8f4b380472dfc2
GET /starharem/01/s/img/11.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 18:00:56 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 09:18:06 GMT
ETag: "62534-5dc5d6c134c3d"
Accept-Ranges: bytes
Content-Length: 402740
Content-Type: image/jpeg
betotodilea.com/impression/g2oS7cFHeFnigrePvUIOPiLq6_74wWRNuy6nstYCXxoImmKyH7GBWbI4jHWjoWHYA41wu8u_kiI2t0vL63iyi9WBxWIFfDCwjQ4OWcXLSsvTM_nbiuW-DrtBDEAOOIVEj2nmXujYV-8vs8AzKL8E7wvgsfKblQwDmX5e398ZIuz5uG1aqgOKNJqcKudTy-RivMgaNizjQ4ifa0OUbFFxjeNU-qeRJn-22OfZXH8Yu34zC358kMPmptNoz1Am7EB1lXFOFzC60q1qOyLKybsBPqESsiSbfrl_YJ14tRwG_qwZmFwSezFl8UZIR3Hl0Lb-yWM21TTYSUeWj61mleOMSbnECQwC-CXV04GbH6Hvwqsq2JH-lKXzQ0qC_LHchdt3WVZ4PmAQt1gHAADLC1BL-nJjwydMa6darUrE32rT1lq7fuZzExLLo0bUpnwZw_e9ajou91dYTVkw9z9JZWx312CFIKvffQiY9ykN2vZUO7WxyRa45hQrxSPfVfgb6eooloDT0ny3DMRQFL70zdaNRhEaT5zI19wfRA2OUgZHhXklp8Hh8s0SdyQ7WYA-2QMkMv0nz2ruXQk5a-YDH7kRU5txBCXg2llyGYXVSH9GuNW4WH1D2KiX5D8s1Ua6TW2ImIjpkAU6oi8kttWC6VsHWZRrrj59kkJFkUoYtXNod-McP79VxEUad52ldGOUeGWdSm-HW5bTNJq8IUBxkTO1iPqNompV4_DYWqyY_yAPePN-k2OXFDabDvP80zd9vdY9YsPPGFu3uJEuD490aaoS5QIIGespCqt8w3h0jzsVQCifVizsfecFRA665KU=?_z=5425337&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL HTTP/2 betotodilea.com/impression/g2oS7cFHeFnigrePvUIOPiLq6_74wWRNuy6nstYCXxoImmKyH7GBWbI4jHWjoWHYA41wu8u_kiI2t0vL63iyi9WBxWIFfDCwjQ4OWcXLSsvTM_nbiuW-DrtBDEAOOIVEj2nmXujYV-8vs8AzKL8E7wvgsfKblQwDmX5e398ZIuz5uG1aqgOKNJqcKudTy-RivMgaNizjQ4ifa0OUbFFxjeNU-qeRJn-22OfZXH8Yu34zC358kMPmptNoz1Am7EB1lXFOFzC60q1qOyLKybsBPqESsiSbfrl_YJ14tRwG_qwZmFwSezFl8UZIR3Hl0Lb-yWM21TTYSUeWj61mleOMSbnECQwC-CXV04GbH6Hvwqsq2JH-lKXzQ0qC_LHchdt3WVZ4PmAQt1gHAADLC1BL-nJjwydMa6darUrE32rT1lq7fuZzExLLo0bUpnwZw_e9ajou91dYTVkw9z9JZWx312CFIKvffQiY9ykN2vZUO7WxyRa45hQrxSPfVfgb6eooloDT0ny3DMRQFL70zdaNRhEaT5zI19wfRA2OUgZHhXklp8Hh8s0SdyQ7WYA-2QMkMv0nz2ruXQk5a-YDH7kRU5txBCXg2llyGYXVSH9GuNW4WH1D2KiX5D8s1Ua6TW2ImIjpkAU6oi8kttWC6VsHWZRrrj59kkJFkUoYtXNod-McP79VxEUad52ldGOUeGWdSm-HW5bTNJq8IUBxkTO1iPqNompV4_DYWqyY_yAPePN-k2OXFDabDvP80zd9vdY9YsPPGFu3uJEuD490aaoS5QIIGespCqt8w3h0jzsVQCifVizsfecFRA665KU=?_z=5425337&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/g2oS7cFHeFnigrePvUIOPiLq6_74wWRNuy6nstYCXxoImmKyH7GBWbI4jHWjoWHYA41wu8u_kiI2t0vL63iyi9WBxWIFfDCwjQ4OWcXLSsvTM_nbiuW-DrtBDEAOOIVEj2nmXujYV-8vs8AzKL8E7wvgsfKblQwDmX5e398ZIuz5uG1aqgOKNJqcKudTy-RivMgaNizjQ4ifa0OUbFFxjeNU-qeRJn-22OfZXH8Yu34zC358kMPmptNoz1Am7EB1lXFOFzC60q1qOyLKybsBPqESsiSbfrl_YJ14tRwG_qwZmFwSezFl8UZIR3Hl0Lb-yWM21TTYSUeWj61mleOMSbnECQwC-CXV04GbH6Hvwqsq2JH-lKXzQ0qC_LHchdt3WVZ4PmAQt1gHAADLC1BL-nJjwydMa6darUrE32rT1lq7fuZzExLLo0bUpnwZw_e9ajou91dYTVkw9z9JZWx312CFIKvffQiY9ykN2vZUO7WxyRa45hQrxSPfVfgb6eooloDT0ny3DMRQFL70zdaNRhEaT5zI19wfRA2OUgZHhXklp8Hh8s0SdyQ7WYA-2QMkMv0nz2ruXQk5a-YDH7kRU5txBCXg2llyGYXVSH9GuNW4WH1D2KiX5D8s1Ua6TW2ImIjpkAU6oi8kttWC6VsHWZRrrj59kkJFkUoYtXNod-McP79VxEUad52ldGOUeGWdSm-HW5bTNJq8IUBxkTO1iPqNompV4_DYWqyY_yAPePN-k2OXFDabDvP80zd9vdY9YsPPGFu3uJEuD490aaoS5QIIGespCqt8w3h0jzsVQCifVizsfecFRA665KU=?_z=5425337&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Cookie: OAID=34833461a6b143cba942a0c856014447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:58 GMT
content-type: image/gif
content-length: 43
x-trace-id: abb9368a5ea7d30273e6f8a046fcb420
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
betotodilea.com/500/5425337?excludes=15867746&oaid=34833461a6b143cba942a0c856014447&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 betotodilea.com/500/5425337?excludes=15867746&oaid=34833461a6b143cba942a0c856014447&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5425337?excludes=15867746&oaid=34833461a6b143cba942a0c856014447&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ultahours.com/
Origin: https://ultahours.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:59 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ultahours.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
offerimage.com/www/images/bb6ee966fa882a0b586332a80eedaeb5.png
104.22.32.172 200 OK 37 kB URL HTTP/2 offerimage.com/www/images/bb6ee966fa882a0b586332a80eedaeb5.png
IP 104.22.32.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash bb6ee966fa882a0b586332a80eedaeb5
556eebc491e99672f18da637f0e138d80add49cf
69fb6d2912ff792a8beb7f2cc5a8aece88ad5d42f823f5b67e17d689cadaf957
GET /www/images/bb6ee966fa882a0b586332a80eedaeb5.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:00:59 GMT
content-type: image/png
content-length: 36768
last-modified: Fri, 20 May 2022 13:33:01 GMT
etag: "6287988d-8fa0"
expires: Mon, 28 Nov 2022 11:11:38 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 24561
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cc43a391e0a37-ARN
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ultahours.com/
Content-Type: application/json
Origin: https://ultahours.com
Content-Length: 417
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:01:00 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2e81ba84878945fc85cf59739eefa048
access-control-allow-origin: https://ultahours.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
66.29.146.46 404 Not Found 0 B URL HTTP/2 ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
IP 66.29.146.46:0
GET /fume-extra-vape-need-to-know-maintenance-tips/ HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ultahours.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 27 Nov 2022 18:00:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nanouwho.com/9?z=5425338&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447
139.45.197.242 200 OK 0 B URL HTTP/2 nanouwho.com/9?z=5425338&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5425338&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34833461a6b143cba942a0c856014447 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 70
Origin: https://ultahours.com
Connection: keep-alive
Referer: https://ultahours.com/
Cookie: scm=1; OAID=438e582bdec248be85ca09fad5da7b56; oaidts=1669572053
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:54 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://ultahours.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f0bdd265c3e69e099f308d3886b179cf
access-control-expose-headers: X-Sc
set-cookie: OAID=34833461a6b143cba942a0c856014447; expires=Mon, 27 Nov 2023 18:00:54 GMT; secure; SameSite=None
oaidts=1669572053; expires=Mon, 27 Nov 2023 18:00:54 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
arsnivyr.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
139.45.197.242 200 OK 0 B URL HTTP/2 arsnivyr.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/22b0ff6d446d45dfe24f0ae457b1c7db HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Cookie: scm=1; OAID=779cfdd14cfd4841b84ba227dc8543f3; oaidts=1669572052
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:53 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 25 Nov 2022 08:14:39 GMT
expires: Fri, 25 Dec 2082 08:14:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/400/5425337
139.45.197.237 200 OK 0 B URL HTTP/2 betotodilea.com/400/5425337
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5425337 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:53 GMT
content-type: application/javascript
x-trace-id: 4636f44ff342ecdac150626dc7005783
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=9c17a9d0bb694f68a26d9379ed294c87; expires=Mon, 27 Nov 2023 18:00:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ultahours.com/sw.js
66.29.146.46 404 Not Found 0 B IP 66.29.146.46:0
GET /sw.js HTTP/1.1
Host: ultahours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ultahours.com/fume-extra-vape-need-to-know-maintenance-tips/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ultahours.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: a24_HTTP.404,a24_404,a24_URL.530e02806fd3a83d21ee1fbad74920ac,a24_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 27 Nov 2022 18:00:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
nanouwho.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
139.45.197.242 200 OK 0 B URL HTTP/2 nanouwho.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/22b0ff6d446d45dfe24f0ae457b1c7db HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Cookie: scm=1; OAID=438e582bdec248be85ca09fad5da7b56; oaidts=1669572053
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:53 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 25 Nov 2022 08:14:39 GMT
expires: Fri, 25 Dec 2082 08:14:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/5425337?excludes=15867746&oaid=34833461a6b143cba942a0c856014447&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 betotodilea.com/500/5425337?excludes=15867746&oaid=34833461a6b143cba942a0c856014447&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5425337?excludes=15867746&oaid=34833461a6b143cba942a0c856014447&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fultahours.com%2Ffume-extra-vape-need-to-know-maintenance-tips%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ultahours.com
Connection: keep-alive
Referer: https://ultahours.com/
Cookie: OAID=34833461a6b143cba942a0c856014447
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:59 GMT
content-type: application/javascript
x-trace-id: 533184de019c7e0f9c0cb08cdb4ad142
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ultahours.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=34833461a6b143cba942a0c856014447; expires=Mon, 27 Nov 2023 18:00:59 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/tag.min.js?z=5425339
139.45.197.250 200 OK 0 B URL HTTP/2 ibrapush.com/pfe/current/tag.min.js?z=5425339
IP 139.45.197.250:0
GET /pfe/current/tag.min.js?z=5425339 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ultahours.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:00:53 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2