Report - connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html

Report Overview

Submitted URL
connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
IP
199.33.112.228
ASN
#23498 CDSI
Submitted
2022-10-05 12:55:42
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
114

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	4.9 kB	151.101.85.229
randomuser.me	165273	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	55 kB	104.21.95.107
a0.muscache.com	13289	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	97 kB	184.31.15.233
b.tile.openstreetmap.org	14544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	151 kB	151.101.85.91
a.tile.openstreetmap.org	14370	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	141 kB	151.101.85.91
c.tile.openstreetmap.org	14571	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	146 kB	151.101.85.91
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	108.138.212.162
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	108.156.28.39
connect-safely.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	28 kB	2.0 MB	199.33.112.228
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
ka-f.fontawesome.com	3598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	87 kB	172.64.203.28
ik.imagekit.io	30045	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	284 kB	18.164.68.43
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.165.201.17
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	7.7 kB	104.18.20.226
shavar.services.mozilla.com	3602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	441 B	204 B	52.35.225.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.69.181.45

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-04	medium	connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html	Airbnb, Inc.

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html	Phishing
2022-10-05	medium	connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/b7d942f919.js.download	Phishing
2022-10-05	medium	connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/leaflet.js.download	Phishing
2022-10-05	medium	connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2	Phishing
2022-10-05	medium	connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-aa38e86e3f98554f9f7053d7b713b4db.woff	Phishing
2022-10-05	medium	connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2	Phishing
2022-10-05	medium	connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-aa38e86e3f98554f9f7053d7b713b4db.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed
2022-10-05	medium	connect-safely.com	Sinkholed

JavaScript (11)

	URL	Size	First Seen	Last Seen
	connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/b7d942f919.js.download	11 kB	2023-03-08	2024-02-11
Pretty URL connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/b7d942f919.js.download IP 199.33.112.228 ASN #23498 CDSI Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:20:38 Last Seen2024-02-11 09:44:01 Times Seen1 Hash 5737b8959609789f89774af486f921e2 465c5e3d5ccb2f58d042c2a25d7aa30ba3807ba8 dcdc727d36b3f72cc2345d84db6a50559fc4b8b251b9cbd9b5b92df2ad156a09 Loading...

	connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html	735 B	2023-03-08	2023-10-16
Pretty URL connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html IP 199.33.112.228 ASN #23498 CDSI Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:49 Last Seen2023-10-16 01:14:16 Times Seen3 Hash d133f1c65e576412b2b4f2d9d6f8fdde 6b2cb9018a45ead6d59485a12376ac0e48fb1a2d d48474737fa9837bbbc8889657831d64ec761104fcd89de304d1d498df2ead74 Loading...

	connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/leaflet.js.download	126 kB	2023-03-07	2023-12-19
Pretty URL connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/leaflet.js.download IP 199.33.112.228 ASN #23498 CDSI Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:47:13 Last Seen2023-12-19 19:38:07 Times Seen40 Hash 591bc0cd60365b546d23fd1b85e584fa 23cdfb032b2bf0ef283d10bca361cc890442522a 6917811f3223a0cccaae9d07e179f15c89b49b0b8d1bf17ed34a4a0e216e2f12 Loading...

	connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html	929 B	2023-03-08	2023-10-16
Pretty URL connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html IP 199.33.112.228 ASN #23498 CDSI Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:49 Last Seen2023-10-16 01:14:16 Times Seen3 Hash 5472c88eb4e173616041062532a007b2 d24cf49beeb92a363ddf11943a68dd5d9a399a59 b86c1e8737af06c8a137a6232714b918285dfbdec2b7335d4dd9443bb3efe7f0 Loading...

	connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html	5.5 kB	2023-03-08	2023-03-08
Pretty URL connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html IP 199.33.112.228 ASN #23498 CDSI Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:20:39 Last Seen2023-03-08 06:04:49 Times Seen1 Hash b2b93952c36411ccf8d89b2712d8855b 43afa2ae3a8613ee1e6d0ae056a5010cc9859921 9737c96568240ad357e7f828fd60f1acbe98bd638cb23e8102d39d198c0e0c8a Loading...

	connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html	771 B	2023-03-08	2023-03-08
Pretty URL connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html IP 199.33.112.228 ASN #23498 CDSI Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:49 Last Seen2023-03-08 06:04:49 Times Seen1 Hash 12da6418b936cf4160cd2208e4b4a876 dfb3cee8909ae2a391286435d7c7c36c4ca10962 059c9d9a614c83f2d7bbdb3affd09bada6c41f9f1f16068bda99adf99e618e7d Loading...

	connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html	288 kB	2023-03-08	2023-03-08
Pretty URL connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html IP 199.33.112.228 ASN #23498 CDSI Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:20:39 Last Seen2023-03-08 06:04:49 Times Seen1 Hash 7b4719fe26eeae8009a8f5e55894b91d 5b474ee5ce348ad6d74387d06dae241e342e34be 327663505bd913fbf44a23fbb6605b3267bd0ce243f39e5a99371fec5c22249a Loading...

	connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html	585 B	2023-03-08	2023-03-08
Pretty URL connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html IP 199.33.112.228 ASN #23498 CDSI Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:04:49 Last Seen2023-03-08 06:04:49 Times Seen1 Hash 5c5776b705d14aaa60ee30cf79a94ba2 efbf35432337b6ef0cf9e460a28da7bc8f96774e 69e2e961a95a7494dffa472c561d62e6dec9e586d3fa6254188877a2385ff234 Loading...

	connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html	113 B	2023-03-08	2023-05-22
Pretty URL connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html IP 199.33.112.228 ASN #23498 CDSI Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:20:39 Last Seen2023-05-22 01:25:52 Times Seen2 Hash 128623d52ccfc272c6351fb0111155fd 93a67ef16733531b9b796cfaa8af4e369ca6b670 db9548a9359e38d54133be99484238defd83e545db7e6019e6187ae6ac2468bc Loading...

	connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html	5.8 kB	2023-03-08	2023-03-08
Pretty URL connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html IP 199.33.112.228 ASN #23498 CDSI Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:20:38 Last Seen2023-03-08 06:04:49 Times Seen1 Hash 9ca329c946cba82b552aca7d0100d445 350d18f60142686fc5faea48befe5495aad2d198 b05fd830d1cf665beccf1849dbb4326c7e9b474331924fddbb1192de65e7d0bf Loading...

	connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html	1.3 kB	2023-03-08	2023-10-16
Pretty URL connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html IP 199.33.112.228 ASN #23498 CDSI Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:20:38 Last Seen2023-10-16 01:14:17 Times Seen3 Hash 45b0f64a5ff56b698d5db91d1692e316 b7e71167e7879aa50e63e4984472e224ca2cfb16 1e821f5ebb239d52c17185e98223646f0e95031dae22d071edc6448cd47a170d Loading...

HTTP Transactions (111)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15531
Expires: Wed, 05 Oct 2022 17:14:22 GMT
Date: Wed, 05 Oct 2022 12:55:31 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

18.165.201.17

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.165.201.17:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 12:04:33 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 398a51ec785027c0cfb5003d3a46ab0a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: Z19urw5hziGR1s58D7JYeSellfcIpceduQp3z7nZ3QTQ2QdXTlBPpA==
Age: 3058

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

108.156.28.39

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
108.156.28.39:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 02:28:20 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f793ce54a443ce6e9ca85f518dd4fd36.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: ktlWdEMKJ6MdIw-IBpRZquaM0T5XFsI3heOrAvpiQtIEHB-qHSETGw==
age: 38282
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 12:55:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html

199.33.112.228

200 OK

203 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (34049)
Size
203 kB (202970 bytes)
Hash
6af0a874e536caca1feeb94ca5aa197b
3d05981c33d8582339f428cad0a9af4dfeef2d28
c57057d9424ecbe93bbe659c42e235bfd797113dae61e4b56071fa02d6cd029c

Detections

Analyzer	Verdict	Alert
openphish	Airbnb, Inc.
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 04 Oct 2022 11:25:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 202970
date: Wed, 05 Oct 2022 12:55:31 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.165.201.17

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.165.201.17:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 12:33:06 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 12:44:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 133321d9ca8be95a19f574700824c0e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: oOEEQvRZfZXhZSPGbBvzy_3w9YhEAuhT8GWk5Gz2gStQ-_sBTZ9hcw==
Age: 1359

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/b7d942f919.js.download

199.33.112.228

200 OK

11 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/b7d942f919.js.download
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
ASCII text, with very long lines (10594)
Size
11 kB (11024 bytes)
Hash
5737b8959609789f89774af486f921e2
465c5e3d5ccb2f58d042c2a25d7aa30ba3807ba8
dcdc727d36b3f72cc2345d84db6a50559fc4b8b251b9cbd9b5b92df2ad156a09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/b7d942f919.js.download HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Tue, 04 Oct 2022 11:26:23 GMT
accept-ranges: bytes
content-length: 11024
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/lightgallery@1.6.14/dist/css/lightgallery.css

151.101.85.229

200 OK

4.2 kB

URL HTTP/2
cdn.jsdelivr.net/npm/lightgallery@1.6.14/dist/css/lightgallery.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text
Size
4.2 kB (4154 bytes)
Hash
c6483888956bc06d4ef17120360b61a7
5ca74ce2da1b4343570ed732ebf991725a3f4a4c
cf71948df6004e77b50263a4df5209c943eef06d243e5eccf13025d51af0c480

HTTP Headers

GET /npm/lightgallery@1.6.14/dist/css/lightgallery.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.6.14
x-jsd-version-type: version
etag: W/"611d-Lfv4kLAD2VL9lB2pzlbXcFBj6Ig"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
age: 2459623
x-served-by: cache-fra19136-FRA, cache-bma1676-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4154
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4558
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:55:32 GMT
Last-Modified: Wed, 05 Oct 2022 11:39:34 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

randomuser.me/api/portraits/women/9.jpg

104.21.95.107

200 OK

5.5 kB

URL HTTP/2
randomuser.me/api/portraits/women/9.jpg
IP
104.21.95.107:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
5.5 kB (5522 bytes)
Hash
536bf7d19c5646166fb4f8bf572ee703
7b6f1d4c2ef8183efff786991ae260ade228596c
f22764f3355bb916a04e578d85b3078c4efcd804fe83018ec6ac97ab56e82b5f

HTTP Headers

GET /api/portraits/women/9.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: image/jpeg
content-length: 5522
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-1592"
expires: Thu, 27 Oct 2022 21:18:54 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 30933
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pxh58BSL%2BGhDeVBOADKkxCDIELoECC41HnAAyGlQZHMueoAz4HDr5Jaa3zuVlkOubD1Ycu%2FVc5u4KebbJpzd8FzUVtOb9DJMgKxsyxJWT9ZbYKqZeIFlKi01JLgEIoWa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75564fea88310b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/a.jpg

199.33.112.228

200 OK

77 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/a.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x900, components 3\012- data
Size
77 kB (76835 bytes)
Hash
0eeba04b03dbff549fec97d2984ea398
a5b30cb2a53a4776eda1dc280aed6bb7588e1a3e
d3f75010f660d0161f33b768e3a3342a4806288fe06a123f2f403bee7ae6d8be

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/a.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:22 GMT
accept-ranges: bytes
content-length: 76835
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

randomuser.me/api/portraits/women/64.jpg

104.21.95.107

200 OK

7.5 kB

URL HTTP/2
randomuser.me/api/portraits/women/64.jpg
IP
104.21.95.107:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
7.5 kB (7522 bytes)
Hash
19432dc4752c193452f4c963e25e0a1d
e82e86ad85299ddd756c2bbf2ba8ac8217b59ba5
6930aba1069b5a5c6491a4ea3017bcace154cde3028cd62b1a6f75677f454456

HTTP Headers

GET /api/portraits/women/64.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: image/jpeg
content-length: 7522
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-1d62"
expires: Sat, 15 Oct 2022 00:58:46 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 7532
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnOM3M0odEsbkCjHlkpjnldavROgsnG9rgCoDlJ9V06AVAAnCDMQx4xc%2F7wI5bv3D%2FAmNscqi2JLziuIO5O8toI3%2BuoC9o0lWIPDmIW2y2tab9%2Fmv1FXdrXWHvuzx%2BOr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75564fea88390b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

randomuser.me/api/portraits/women/54.jpg

104.21.95.107

200 OK

5.9 kB

URL HTTP/2
randomuser.me/api/portraits/women/54.jpg
IP
104.21.95.107:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
5.9 kB (5907 bytes)
Hash
ba3a7a02107e8655d89eb6ed3fbf2398
fb8858080a6e7510da4538f237f27dfd9812c6d4
d4885b6c62fec6a9ddc0450843dbf6e81ee9d8b412c1b8f74b8edae87c3304cf

HTTP Headers

GET /api/portraits/women/54.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: image/jpeg
content-length: 5907
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-1713"
expires: Sat, 15 Oct 2022 01:39:03 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 592419
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hz9LqCka7u4JhJjr%2BqF5D%2F76CrQWCdFNSPLy%2FMm5rI5eF3KXaSUiiTeZz1vdHTflauN4EQhCPVwNo4ntOLvIFVmBfpsQ7OHN4XtuiiirzGuyGbEtsi8CR7dPkx%2FdPq0v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75564fea883b0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/b.jpg

199.33.112.228

200 OK

126 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/b.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x900, components 3\012- data
Size
126 kB (125617 bytes)
Hash
1f50d258ba4f5a6fe501549f085352de
294820e9963077ca3b96bb397840f43e4c81c951
7d88f31ebe6a1e7b938951199195835544b986fe5726d0b7585fee14bf92f5c4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/b.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:22 GMT
accept-ranges: bytes
content-length: 125617
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

randomuser.me/api/portraits/women/44.jpg

104.21.95.107

200 OK

3.5 kB

URL HTTP/2
randomuser.me/api/portraits/women/44.jpg
IP
104.21.95.107:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.5 kB (3539 bytes)
Hash
ee7f23d6cb6677f1dcc534bc67752105
283eb87612ab35dc4aff349a8c27a98250415d23
d8dab29a5736d5c2b0084d720d3db02c785560071609be501541922928fdf831

HTTP Headers

GET /api/portraits/women/44.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: image/jpeg
content-length: 3539
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-dd3"
expires: Sat, 15 Oct 2022 00:01:11 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 44233
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30cmcVx7wJjO7Oq3yD4kqU%2BHFWVkqtsHcnYddEYXCT1y9P1c%2FkrWanuylAM14VFiyE6LYgk%2BdL6zucZ2POcDJQJOsDr7b0xdlIIqro6fDKvtcUFrZ9ikMCsph46HWM9t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75564fea883d0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

randomuser.me/api/portraits/men/65.jpg

104.21.95.107

200 OK

3.3 kB

URL HTTP/2
randomuser.me/api/portraits/men/65.jpg
IP
104.21.95.107:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.3 kB (3295 bytes)
Hash
b707dddf35a0b0c6c0ada5b2b6d860b4
06e7ddc0486eda7a1f3ca35c76ebea752b9e5fa0
ba37ba21b03d91a2693745e751834250b404a7c2c6e06e33ae7cb38c0f687a4d

HTTP Headers

GET /api/portraits/men/65.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: image/jpeg
content-length: 3295
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-cdf"
expires: Mon, 24 Oct 2022 17:43:32 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 714196
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgZWxijWfzVejFj2MYxtIQVWInsMgO9j5mLxLHZf0yRgoogIKVa9XKZffele4hh0FkLNkNBQk%2FYZtcexIof%2FRLrL%2Fj4aBJv%2BKKquXa7PfZgr9cZwx1nVhqi4MDVqZfr5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75564fea88340b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

randomuser.me/api/portraits/women/89.jpg

104.21.95.107

200 OK

4.4 kB

URL HTTP/2
randomuser.me/api/portraits/women/89.jpg
IP
104.21.95.107:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.4 kB (4440 bytes)
Hash
1969da0d3fda3aa29c5f883db4ce670c
733eb61b43d010cac0d4f0165d53314f3c767d6f
8d0417f0910586650f889adf5f72fb8ad336f07247cbfd9da9dd6db02546dd00

HTTP Headers

GET /api/portraits/women/89.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: image/jpeg
content-length: 4440
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-1158"
expires: Fri, 14 Oct 2022 23:36:31 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 714131
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6Lt2O4BKzeYgiaxpo7ctviNdUCxPvZnF2fWo%2B2caG42eXY5m0TKhzSvykTK53k1r6Aa53h0Hu%2BMI852%2B%2B2h76Mp9O9Yk%2FSknt4lNdzysthOXy4gdCBBUlGKWwM%2BA3px"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75564fea88370b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

randomuser.me/api/portraits/women/51.jpg

104.21.95.107

200 OK

3.8 kB

URL HTTP/2
randomuser.me/api/portraits/women/51.jpg
IP
104.21.95.107:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.8 kB (3767 bytes)
Hash
a7a84d5e4d090723fe7ab59e45d387cd
7dbfe519d334d518b6f8c8e3afcafec5e758112e
ac4b943b43fea60f3a33c1069444b3e287daac2a9d435b2b58206a805b6ceb4a

HTTP Headers

GET /api/portraits/women/51.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: image/jpeg
content-length: 3767
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-eb7"
expires: Sat, 15 Oct 2022 00:46:53 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 194836
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goocUL%2FaHQASkui3t%2BWx2NHsnC%2FQBZ8T2jUv1%2BgKV5ZrjKYaC%2BLmTJx120bztVVgCf4FSWhekR26IE9XgzQXhnZ8cWoVltotmzpd6n66QJSKoH1lx2ieCgI2XoKekUV0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75564fea883a0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

randomuser.me/api/portraits/women/48.jpg

104.21.95.107

200 OK

3.8 kB

URL HTTP/2
randomuser.me/api/portraits/women/48.jpg
IP
104.21.95.107:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
3.8 kB (3767 bytes)
Hash
a7a84d5e4d090723fe7ab59e45d387cd
7dbfe519d334d518b6f8c8e3afcafec5e758112e
ac4b943b43fea60f3a33c1069444b3e287daac2a9d435b2b58206a805b6ceb4a

HTTP Headers

GET /api/portraits/women/48.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: image/jpeg
content-length: 3767
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-eb7"
expires: Sat, 15 Oct 2022 01:39:11 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 612919
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WhGdmpAU32JfceDMyZ4nZot5lXrzYtu4HfhLnqzmyoSYyvBIBIKEpPm4A2LGeVUHt2Q%2BJXe%2Fe6%2FXyLg7LLuUDG11aJ4JEdAo8MFkYbYI86RIzrYUel5ihtXBZYGYGZi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75564fea88350b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

randomuser.me/api/portraits/women/92.jpg

104.21.95.107

200 OK

4.9 kB

URL HTTP/2
randomuser.me/api/portraits/women/92.jpg
IP
104.21.95.107:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.9 kB (4874 bytes)
Hash
aedcbd4e6540dccb40dfc5f50605cad4
f934102ba4e079a766ef171c388c570301a42707
8178de29996fce077cf1eb890438d08fcc75ce24738c9610d6dcb136c82d91b7

HTTP Headers

GET /api/portraits/women/92.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: image/jpeg
content-length: 4874
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-130a"
expires: Sat, 15 Oct 2022 03:00:34 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1052363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJeqpbOBRzn1IeNgvx4%2BnzBLXNpL9DUPaLlSg2vtj%2BLKhxSr1bjO%2BEs%2BDoaOk6cAjvff7W5cV7IBxjVATBE%2FMNXujIM7GpO3TW78rYA%2FDw5wP4udkeA6YhlE6Ar%2BfxXf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75564fea883f0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

randomuser.me/api/portraits/men/18.jpg

104.21.95.107

200 OK

4.3 kB

URL HTTP/2
randomuser.me/api/portraits/men/18.jpg
IP
104.21.95.107:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.3 kB (4344 bytes)
Hash
68b158d3d8866abd40c97bffc18a1305
c3c6a26666f191fc49eefbaeaebc8e9dc7c66a9f
6cff624a3918ef93fa859e2c4cdb4634ceca702242654071804da9fbf0b617bc

HTTP Headers

GET /api/portraits/men/18.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: image/jpeg
content-length: 4344
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-10f8"
expires: Fri, 14 Oct 2022 23:54:16 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 47668
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqlJ1ifEm%2Bt086tk9cb3kJzugxiNgKlX1xdl7NxCe%2F46H4up4DHIelJvTamhlwgWKhEi1zYUpZNcKw6nWj%2BhnH0YzsoVjYia3A9eEfBwuRhkqdfiACQ7%2BoKNbk3FmtT%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75564fea88330b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
2e18d262e4b128b8e5629105e4c7718b
8cf5c08ca75c2d5a6c6db193e17dfde39222093e
ec29103cf3454b1d1e3f828051bcb7d60e815217e214069cf67b8de7eccd22c2

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:55:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3B931B82FA1422186CB1D45B4C8889D5926E1268"
Expires: Wed, 05 Oct 2022 23:00:00 GMT
Last-Modified: Wed, 05 Oct 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3383
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75564feb2e790b41-OSL

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/c.jpg

199.33.112.228

200 OK

87 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/c.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Size
87 kB (86725 bytes)
Hash
4920b632fc0db200f6d05baf8ffe3355
af59baa7bbf03e2175abb176eb3b52a6fbf58317
4f835b7636133a888f07f3236d4a02a5d5dd9655a6e9387e4036f31a4b13ab1f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/c.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:24 GMT
accept-ranges: bytes
content-length: 86725
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/d.jpg

199.33.112.228

200 OK

90 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/d.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x532, components 3\012- data
Size
90 kB (89980 bytes)
Hash
0038285ef266797337deb476dab824f5
7b5d4712a42de5f2c5d597372a5d206bbc9ee4a4
dd853b715e3bd31f9b3507f687761d43c5a2bbc079e9c117d76dadca1731cb05

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/d.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:24 GMT
accept-ranges: bytes
content-length: 89980
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/e.jpg

199.33.112.228

200 OK

53 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/e.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 811x900, components 3\012- data
Size
53 kB (52573 bytes)
Hash
1904a4d667b9042a763885969769c5ec
d70d77508a184d57f597f5423cdf241c1563c4a8
c0f9a3709397fac165ef37f3e0ca61edc8f63a8ff4c020771030f0821524e01b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/e.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:25 GMT
accept-ranges: bytes
content-length: 52573
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2

172.64.203.28

200 OK

78 kB

URL HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
IP
172.64.203.28:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 78168, version 331.-31196\012- data
Size
78 kB (78168 bytes)
Hash
a9fd1225fb2cd32320e2b931dca01089
44ec5c6a868b4ce62350d9f040ed8e18f7a1d128
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

HTTP Headers

GET /releases/v5.15.4/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://connect-safely.com
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: font/woff2
content-length: 78168
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
etag: "a9fd1225fb2cd32320e2b931dca01089"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: m-p4EF26meVNNBCGQozNF53jUWjTH36lxJdJdMMsOKtIRxu52DM6tw==
age: 51789
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pbi0oSswf4Ri7gc4T%2F71%2Bgwxe1jH2XkWUo46G5lu%2BD0yqmlXoCcLC7lfWGl9hPwRqjM2%2FD7KiQLYTZn4aikUaOXUEaRPUjxjL3Au9hZEdTU9aDcg%2BJxuN18X4YmFFcVyt3ah9OU0Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75564febac177324-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/airmojix-Regular-368a4dfb2060306905d934709d7356f8.woff2

184.31.15.233

200 OK

22 kB

URL HTTP/2
a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/airmojix-Regular-368a4dfb2060306905d934709d7356f8.woff2
IP
184.31.15.233:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 21528, version 54.0\012- data
Size
22 kB (21528 bytes)
Hash
29d93a63f1e030b20b1c1cf99573c9e4
2bf3789418aeaf04af3a8d0464b10b2428f9a4e0
472e2073920d6f23e7822edd6b17483bd2afe2a5e846b797fd5ac4f8db73df1a

HTTP Headers

GET /airbnb/static/airbnb-dls-web/build/fonts/airmojix-Regular-368a4dfb2060306905d934709d7356f8.woff2 HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://connect-safely.com
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: O/WHOnO0gyPbnt3pm5zGTprUB+DL06/fJmtzgq05328FxkxlbYCgWUrwdkvdC8a72lXOjW41A875JBoHXp73vw==
x-amz-request-id: 3P78DGZN2FPZZ8AK
x-amz-replication-status: COMPLETED
last-modified: Tue, 16 Aug 2022 08:17:27 GMT
etag: "29d93a63f1e030b20b1c1cf99573c9e4"
x-amz-server-side-encryption: AES256
x-amz-version-id: H98d4SxOSkk2tQuOyzwzRpdiCc5BKifW
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 21528
x-edgeconnect-cache-status: 1
cache-control: public, max-age=31536000
expires: Thu, 05 Oct 2023 12:55:32 GMT
date: Wed, 05 Oct 2022 12:55:32 GMT
alt-svc: h3=":443"; ma=93600
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/i.jpg

199.33.112.228

200 OK

54 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/i.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 900x900, components 3\012- data
Size
54 kB (53551 bytes)
Hash
417fb516681578209ed8f22de5c320f5
4b6a3c5a67d3bd3e8c70351bd434100b9364c49b
785c8d749f9866cf2541376fa0dbf517d4a319c576c2bfd06d0f9d3b067487c6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/i.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:27 GMT
accept-ranges: bytes
content-length: 53551
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/f.jpg

199.33.112.228

200 OK

101 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/f.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x852, components 3\012- data
Size
101 kB (100554 bytes)
Hash
5bd450ca1fe94cd57b56570ff5d3b5fa
45315c941ff19fc427b16dfe16d8442f37acb0af
4762fc4fc28ebb32f1764265e4b1867926bba138c09ad9048f9936c5ad26c0c6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/f.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:26 GMT
accept-ranges: bytes
content-length: 100554
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2

184.31.15.233

200 OK

24 kB

URL HTTP/2
a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2
IP
184.31.15.233:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 24304, version 1.131\012- data
Size
24 kB (24304 bytes)
Hash
e849748a22ab45f0052876d59d0b3300
6b5e1f37e62238b2f04107dc51ac97a9c3573a51
b11f01105c8b416bc49025877708638fc1955dc31d2a3fa7904d4e0b0f4ac4b4

HTTP Headers

GET /airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2 HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://connect-safely.com
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: fAr459sBttC3zlXym0X3VH71Zf8+oGEs4BZUY6YWqR98f72IYn+VCTuA08xwpojXnfK7xcQaQBg=
x-amz-request-id: ZY7A38JD4JB5V8V1
x-amz-replication-status: COMPLETED
last-modified: Sat, 03 Sep 2022 01:12:59 GMT
etag: "e849748a22ab45f0052876d59d0b3300"
x-amz-server-side-encryption: AES256
x-amz-version-id: II7dQZzXDroyjnKzUROJ2sciIjMya9hd
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 24304
x-edgeconnect-cache-status: 1
cache-control: public, max-age=31536000
expires: Thu, 05 Oct 2023 12:55:32 GMT
date: Wed, 05 Oct 2022 12:55:32 GMT
alt-svc: h3=":443"; ma=93600
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/g.jpg

199.33.112.228

200 OK

94 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/g.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Size
94 kB (94199 bytes)
Hash
4bc736d652caea5d09aad94fe5f779ab
b44cbfb06b19a61bb359a9605b1c123a28ae42b3
a9ea0ba7e6ae495765b5e74312f4222e513851ebab108135ec975988fb4cc558

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/g.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:26 GMT
accept-ranges: bytes
content-length: 94199
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/h.jpg

199.33.112.228

200 OK

99 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/h.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x663, components 3\012- data
Size
99 kB (99400 bytes)
Hash
9f584f0fa21d63e1ca2b7bb705c595ad
f8a0236acbc7d6ceb0ae258c003d41ef03b72802
1115dd20ab2bddd5f6a9333671cae810e327d524422ae4563678e2b29f7a8499

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/h.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:27 GMT
accept-ranges: bytes
content-length: 99400
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/j.jpg

199.33.112.228

200 OK

74 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/j.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 900x900, components 3\012- data
Size
74 kB (74056 bytes)
Hash
7b481aac4f546bca20a04cb9586b95e5
1af4eb4d9efe8645e0391617e263bdbd3f9a38fe
2131e32b4ff936eec18b59d18141a230a38a27008fcccea83625b78043a3d1f2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/j.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 74056
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Medium-50fc004b3082375f12ff0cfb67bf8e56.woff2

184.31.15.233

200 OK

24 kB

URL HTTP/2
a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Medium-50fc004b3082375f12ff0cfb67bf8e56.woff2
IP
184.31.15.233:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 24072, version 1.131\012- data
Size
24 kB (24072 bytes)
Hash
aa2d47eb2546474277f786c491deb100
fc292176397077811188c0a885a6cb882b40b9e4
b06428a4009f63f0edb5c8cf89ffb84ea978a2b559cc4c14c8e7a0e130ceefc4

HTTP Headers

GET /airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Medium-50fc004b3082375f12ff0cfb67bf8e56.woff2 HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://connect-safely.com
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: zJA6eqETMzo1/O7TIfcGWgsv97IsjJVKGYENEck7A1K2HlXRe+OrFeKGHyYuFzLZu92TT84gS4c=
x-amz-request-id: C9539M8ZPPFRV0PG
access-control-max-age: 0
x-amz-replication-status: COMPLETED
last-modified: Mon, 20 Jun 2022 08:03:42 GMT
etag: "aa2d47eb2546474277f786c491deb100"
x-amz-server-side-encryption: AES256
x-amz-version-id: Pui3E4QRNKHiALByA3nvzTehfKMxkdkS
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 24072
cache-control: public, max-age=31536000
expires: Thu, 05 Oct 2023 12:55:32 GMT
date: Wed, 05 Oct 2022 12:55:32 GMT
alt-svc: h3=":443"; ma=93600
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265.png

199.33.112.228

200 OK

24 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265.png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
24 kB (23590 bytes)
Hash
00663309c6bd26c80f140019982e5bb6
e676d8382f7a873a4f02e7f2aef9574653970da6
b9c07100e9c3aab85b931d5f16861a8b23b21e35c15b026ec8a9fbe6d4c78806

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265.png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:09 GMT
accept-ranges: bytes
content-length: 23590
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264.png

199.33.112.228

200 OK

25 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264.png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
25 kB (24755 bytes)
Hash
d3fcfe76e9b5d55a8102361004cbd7ef
7980b67874cc5339f52538ba00ab528822883491
d8fd506143cb9553c179ef212107e0c363b93efd1de3eac408a5b854d8c5dad8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264.png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:06 GMT
accept-ranges: bytes
content-length: 24755
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(1).png

199.33.112.228

200 OK

28 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(1).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
28 kB (28525 bytes)
Hash
7fd023c8fe4248179d84a4b6546be197
300ac545dab0f000b30a76fdfdf13892fdd5411a
e8ed26317352c3b0c99ed683d122352b0ed65cb16deafd237d03378b56015382

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(1).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:06 GMT
accept-ranges: bytes
content-length: 28525
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(2).png

199.33.112.228

200 OK

28 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(2).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
28 kB (28541 bytes)
Hash
c95d6514b19bb3966c52f0f81cd5075e
739f5d8308254a4d8d765e30052e6e5d63783039
e064b571ad00672b1286e34ad3126c65b26e990cd5cae485f3535a10b4a76886

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(2).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:08 GMT
accept-ranges: bytes
content-length: 28541
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266.png

199.33.112.228

200 OK

26 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266.png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
26 kB (26093 bytes)
Hash
4967d05f3ed416f5455ea104e99afdb4
85c028b9475548b07c1898933fb1151fd2267146
2e37779bb05e47ede457ac89e3133c12f008a2ae2a652baa729ff6b0246acb08

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266.png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:15 GMT
accept-ranges: bytes
content-length: 26093
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(1).png

199.33.112.228

200 OK

30 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(1).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
30 kB (30015 bytes)
Hash
bccf616531e3079a9db9a3258c4f1c05
d964006a96f9575c0b37aac403fd00dd5a9ba094
ad3eec30281be1a1a2f1a0116f422ae71017615fcbe976ece4194495106d27f0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(1).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:02 GMT
accept-ranges: bytes
content-length: 30015
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/k.jpg

199.33.112.228

200 OK

81 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/k.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x900, components 3\012- data
Size
81 kB (81095 bytes)
Hash
e90d95ee854d58447c66211420c72ea2
c25a22e164984dc64b414f7868dc86fd00355afb
acf655d9fd4b27fc857c23d08f898c377ab9dc65f06eebaa8077326d0c4398c4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/k.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:29 GMT
accept-ranges: bytes
content-length: 81095
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/yolanda.jpg

199.33.112.228

200 OK

76 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/yolanda.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x720, components 3\012- data
Size
76 kB (76453 bytes)
Hash
d5cfb3af85f3a5bb9e073a9a221bef4d
8040a8f7f4307200750e24f13a349bc5b1c47431
eb8a0c420c6754d534d844ef4eb4a951db385a93feeea174f6ba3a2500de5589

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/yolanda.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:44 GMT
accept-ranges: bytes
content-length: 76453
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(2).png

199.33.112.228

200 OK

25 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(2).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
25 kB (25033 bytes)
Hash
40edfc844cc9b30822aa9b5537577544
88877e581f9251dfcba42d57af91ce6e3fd3721c
68b78b33b09aa713f607a83697e357ec905c326c4e5394f157802b201550f9bb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(2).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:02 GMT
accept-ranges: bytes
content-length: 25033
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(1).png

199.33.112.228

200 OK

28 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(1).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
28 kB (27886 bytes)
Hash
de4256b5d8f4af189cb502f11253b9d5
27190de501c274a11e9d0d239ec8e0db0725eefd
8c7c26cc4a3a2b8cc69bb3459aa01dfea35a4c4a6e1eafc8c665bc59af927f5a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(1).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:10 GMT
accept-ranges: bytes
content-length: 27886
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(2).png

199.33.112.228

200 OK

25 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(2).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
25 kB (25017 bytes)
Hash
3fb4cc45d93584d068f0a79366aa093a
f8568df8300b8e6d8013aca7c30e33c2cd16c4fb
600b6781d90c2ee64721aaf540f9a05b6267f575080ec835ce4d18e07eda723a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(2).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:10 GMT
accept-ranges: bytes
content-length: 25017
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(3).png

199.33.112.228

200 OK

31 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(3).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
31 kB (30979 bytes)
Hash
e9a3bc2c2988ba237d95ae6df7c06ee4
83b141eb9003f764367247c97339c562b7e92cbc
75e249955446d59a666bc43fa37a81291bfdf31879af3c2fa82d59c575603b3b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(3).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:08 GMT
accept-ranges: bytes
content-length: 30979
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(4).png

199.33.112.228

200 OK

30 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(4).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
30 kB (29557 bytes)
Hash
f9786ede85219072a194d29d6a4fe338
d70a9ed844b83aa8c867b57e765133cbba6e684c
dd3171b7e5816e306977363852ca11e89c522e65b47560cd3aef352d0170bd9a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23265(4).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:09 GMT
accept-ranges: bytes
content-length: 29557
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(3).png

199.33.112.228

200 OK

35 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(3).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
35 kB (35383 bytes)
Hash
4c41813170d6b480b7837cea08b9ae0a
91ccd8f486b1a86e491eb32d17e16be5ee2af13b
d6e639024ef8b12998b67083051b4f01fc5cecae852f3563c0ffefa9d4d89177

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(3).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:04 GMT
accept-ranges: bytes
content-length: 35383
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(4).png

199.33.112.228

200 OK

24 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(4).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
24 kB (24223 bytes)
Hash
2671b29a4a7621b738cbc6397a1ae4f9
65d608b26036d8fa1890fb917a35d77b962148d0
a4b18287c8084a6c56c3d1dd32f3e4bd8de6912e7d3e2b2d5ff23197816a7086

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23264(4).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:05 GMT
accept-ranges: bytes
content-length: 24223
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(3).png

199.33.112.228

200 OK

27 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(3).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
27 kB (27443 bytes)
Hash
2355458fb000bf592941c73d9f85de8e
48ad13e87702df28418d1a10af4273b60637bd30
f600392a05be450fc26d4e33798a7c6dc73e6f489bc5e1fbbe70583a8d2397db

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(3).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:13 GMT
accept-ranges: bytes
content-length: 27443
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(4).png

199.33.112.228

200 OK

32 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(4).png
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
32 kB (32220 bytes)
Hash
a9d6ce7ed7e63e063042665555d1b0ba
e5d1974be6bb2eec4fbb8630c869b459e5a53cea
987561b3545a72ded2e3492f34e52236cb5db9d35e3410fbba1a04d26fe88177

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/23266(4).png HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: image/png
last-modified: Tue, 04 Oct 2022 11:26:13 GMT
accept-ranges: bytes
content-length: 32220
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/leaflet.css

199.33.112.228

200 OK

2.2 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/leaflet.css
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
ASCII text
Size
2.2 kB (2217 bytes)
Hash
6dd1eed97e489d9995061f99e121edc4
a4e186984cdc9e3e37571fbee0334fc6fecd3c1a
66fc5db5086a51c16973e2d237b029b25223763ae14c1103bb6040fb79196244

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/leaflet.css HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:32 GMT
content-type: text/css
last-modified: Tue, 04 Oct 2022 11:26:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2217
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.69.181.45

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.69.181.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OeI5ZkHTjYtPsTLBIGDnRw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bz+6ZR4/OMtK6SjnNek4SR/1J4g=

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/leaflet.js.download

199.33.112.228

200 OK

126 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/leaflet.js.download
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
ASCII text, with very long lines (32022)
Size
126 kB (125709 bytes)
Hash
591bc0cd60365b546d23fd1b85e584fa
23cdfb032b2bf0ef283d10bca361cc890442522a
6917811f3223a0cccaae9d07e179f15c89b49b0b8d1bf17ed34a4a0e216e2f12

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/leaflet.js.download HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Tue, 04 Oct 2022 11:26:31 GMT
accept-ranges: bytes
content-length: 125709
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2

199.33.112.228

404 Not Found

1.2 kB

URL HTTP/2
connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2 HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Bold-bdfb98485e7836ba31b456f65cded088.woff2

184.31.15.233

200 OK

24 kB

URL HTTP/2
a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Bold-bdfb98485e7836ba31b456f65cded088.woff2
IP
184.31.15.233:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 23880, version 1.131\012- data
Size
24 kB (23880 bytes)
Hash
b422e783c9b85cdee883ec8923ac12e3
fa541ade7e974f8f249d490f9d501f5160ca6335
b848d7113c5d21f463bd7b248115b78ae386d1628459bfcdb154f82f083bfc97

HTTP Headers

GET /airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Bold-bdfb98485e7836ba31b456f65cded088.woff2 HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://connect-safely.com
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: kv87ar1x/YQlHJtkZUOUyqmNfGW3YfC/9RVQe++wEyF7RYPjU9U+OdymugT/AGfsYB0vG0SqPtI=
x-amz-request-id: NB2S1F2ZWCVYVSTX
access-control-max-age: 0
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Jun 2022 23:53:13 GMT
etag: "b422e783c9b85cdee883ec8923ac12e3"
x-amz-server-side-encryption: AES256
x-amz-version-id: Iq1ng7HLdWQ0HY2pOeDo4X6wrQmvEXFk
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 23880
cache-control: public, max-age=31536000
expires: Thu, 05 Oct 2023 12:55:32 GMT
date: Wed, 05 Oct 2022 12:55:32 GMT
alt-svc: h3=":443"; ma=93600
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2

b.tile.openstreetmap.org/16/33881/23264.png

151.101.85.91

200 OK

36 kB

URL HTTP/2
b.tile.openstreetmap.org/16/33881/23264.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
36 kB (35654 bytes)
Hash
adc4874827dd5efdb92367579716e72f
fecef0cce0ef28d43a1ec54ef7b5101de7556da6
170263bf304f1bdee60c6d1e8d1426b447bbebb919e065e5156f8081e06a41ef

HTTP Headers

GET /16/33881/23264.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "adc4874827dd5efdb92367579716e72f"
cache-control: max-age=16479, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 02:21:51 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.789821,VS0,VE2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 35654
X-Firefox-Spdy: h2

b.tile.openstreetmap.org/16/33885/23266.png

151.101.85.91

200 OK

34 kB

URL HTTP/2
b.tile.openstreetmap.org/16/33885/23266.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
34 kB (34175 bytes)
Hash
631f810e36b87449b8087ea8adeda898
cd175b9bc6719dab60f354c07b13caa26cf8bac1
e61a2f24dea6412f5c96315df89eae8cd528a05b2d579379e2cf3aec7d9e5f44

HTTP Headers

GET /16/33885/23266.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "631f810e36b87449b8087ea8adeda898"
cache-control: max-age=11364, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 00:56:36 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.793007,VS0,VE1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34175
X-Firefox-Spdy: h2

a.tile.openstreetmap.org/16/33885/23265.png

151.101.85.91

200 OK

30 kB

URL HTTP/2
a.tile.openstreetmap.org/16/33885/23265.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
30 kB (30305 bytes)
Hash
06278634ba0a58079fac3d35014ac0af
ba8636474caf68798d8a3f3633873cf40501b014
df20c107df32783dd8c667e9ec326d0a2913c58a8f76dec09dc6a03f109e4997

HTTP Headers

GET /16/33885/23265.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "06278634ba0a58079fac3d35014ac0af"
cache-control: max-age=20609, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 06:21:49 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 44232
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.801581,VS0,VE1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30305
X-Firefox-Spdy: h2

a.tile.openstreetmap.org/16/33881/23266.png

151.101.85.91

200 OK

28 kB

URL HTTP/2
a.tile.openstreetmap.org/16/33881/23266.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
28 kB (27728 bytes)
Hash
d748cb617c86d7c07c933225ec6c2ee5
c68d256595be2d7cd34722c501c397a6132e4fbd
a2147087108e511b81c5e5d189ff64889692a87024d3fb2d4b0ac16891389b81

HTTP Headers

GET /16/33881/23266.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "d748cb617c86d7c07c933225ec6c2ee5"
cache-control: max-age=12503, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 03:33:19 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.809691,VS0,VE2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27728
X-Firefox-Spdy: h2

b.tile.openstreetmap.org/16/33884/23264.png

151.101.85.91

200 OK

26 kB

URL HTTP/2
b.tile.openstreetmap.org/16/33884/23264.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
26 kB (25562 bytes)
Hash
0016fad0388ae57e5f1e4581f9951395
beb8a16dcffc9bee4824b83d6629169503165728
02760bf104290ea94578dd4a1ae6c51f0b18d120ce9bdb0b44a03546c8063091

HTTP Headers

GET /16/33884/23264.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "0016fad0388ae57e5f1e4581f9951395"
cache-control: max-age=12310, stale-while-revalidate=604800, stale-if-error=604800
expires: Tue, 04 Oct 2022 16:45:43 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.797144,VS0,VE1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25562
X-Firefox-Spdy: h2

b.tile.openstreetmap.org/16/33882/23266.png

151.101.85.91

200 OK

29 kB

URL HTTP/2
b.tile.openstreetmap.org/16/33882/23266.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
29 kB (28642 bytes)
Hash
16511d741a7573b9397e19ff51a22429
afb4aba0615b688f6681d865329b247067c14a81
892d05a4ac1e1f782b1309163ed196fb7770e2b477fc2d86be7dbe83d9315bb8

HTTP Headers

GET /16/33882/23266.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "16511d741a7573b9397e19ff51a22429"
cache-control: max-age=16117, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 02:15:49 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.796563,VS0,VE7
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28642
X-Firefox-Spdy: h2

c.tile.openstreetmap.org/16/33885/23264.png

151.101.85.91

200 OK

25 kB

URL HTTP/2
c.tile.openstreetmap.org/16/33885/23264.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
25 kB (25182 bytes)
Hash
2b838c7b2934fd5695a1e4a1c9896068
8a8ff5c233e18b1995982053eb0ae94977b8a044
916b74589a52ba642f4fdea98db76a7711c1e9f92f57b1e61c17a4bf804bf839

HTTP Headers

GET /16/33885/23264.png HTTP/1.1
Host: c.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "2b838c7b2934fd5695a1e4a1c9896068"
cache-control: max-age=8191, stale-while-revalidate=604800, stale-if-error=604800
expires: Tue, 04 Oct 2022 15:37:06 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.818949,VS0,VE1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25182
X-Firefox-Spdy: h2

a.tile.openstreetmap.org/16/33884/23266.png

151.101.85.91

200 OK

26 kB

URL HTTP/2
a.tile.openstreetmap.org/16/33884/23266.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
26 kB (25507 bytes)
Hash
8fde5c24801343e71e7f8083ad100486
93f4c220d9134afa4b1d4fd0ca2389dcd455649b
3c7660dace0c0e349cbfe1bb1372c8c1c65c5b8838d99c30ee314a4266fe67d2

HTTP Headers

GET /16/33884/23266.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "8fde5c24801343e71e7f8083ad100486"
cache-control: max-age=18594, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 02:57:06 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.813407,VS0,VE1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25507
X-Firefox-Spdy: h2

c.tile.openstreetmap.org/16/33881/23265.png

151.101.85.91

200 OK

32 kB

URL HTTP/2
c.tile.openstreetmap.org/16/33881/23265.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
32 kB (31767 bytes)
Hash
8b23d0d17673d399ebdde9bf9522244f
390802f55eeb1a1ccac3696794e950426efb42c9
cdc28eb271e584fb90b94b2dfc818bda6a4d2629f9ff531ff9325444cc76b4e0

HTTP Headers

GET /16/33881/23265.png HTTP/1.1
Host: c.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "8b23d0d17673d399ebdde9bf9522244f"
cache-control: max-age=12598, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 01:17:10 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.819468,VS0,VE1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31767
X-Firefox-Spdy: h2

a.tile.openstreetmap.org/16/33883/23264.png

151.101.85.91

200 OK

25 kB

URL HTTP/2
a.tile.openstreetmap.org/16/33883/23264.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
25 kB (24962 bytes)
Hash
42fad045a61617978415792e679dec34
9f2307220200d1342ebed4bf8f6b29aff5d28344
f187b5dc07a39fda7ee78d83e83b3e109d3b01e307bfcc1d004c2fe9adc8690f

HTTP Headers

GET /16/33883/23264.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "42fad045a61617978415792e679dec34"
cache-control: max-age=14252, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 01:44:44 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.814058,VS0,VE1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24962
X-Firefox-Spdy: h2

b.tile.openstreetmap.org/16/33883/23265.png

151.101.85.91

200 OK

24 kB

URL HTTP/2
b.tile.openstreetmap.org/16/33883/23265.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
24 kB (23648 bytes)
Hash
8d32f756ea10160a2237be8be64d0d3e
24e6065841f7b053b5299a3634a07f5f88a56575
da6224eb5d45594455554d3784e65bf29e421a13ca75a16e8b49ac61c17725e5

HTTP Headers

GET /16/33883/23265.png HTTP/1.1
Host: b.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "8d32f756ea10160a2237be8be64d0d3e"
cache-control: max-age=12518, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 04:06:58 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.818428,VS0,VE2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23648
X-Firefox-Spdy: h2

a.tile.openstreetmap.org/16/33882/23265.png

151.101.85.91

200 OK

29 kB

URL HTTP/2
a.tile.openstreetmap.org/16/33882/23265.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
29 kB (29112 bytes)
Hash
e6d473e88bf87fa56e5afc6be3c18a33
879f6db0aedd3345dae6d80cfa9861ee9451c5a1
351c8c6a5356db02db2e8a9eb5ab93002b87abe699546d6af081bfc8735c3473

HTTP Headers

GET /16/33882/23265.png HTTP/1.1
Host: a.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "e6d473e88bf87fa56e5afc6be3c18a33"
cache-control: max-age=15695, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 02:08:47 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.830394,VS0,VE1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29112
X-Firefox-Spdy: h2

c.tile.openstreetmap.org/16/33884/23265.png

151.101.85.91

200 OK

29 kB

URL HTTP/2
c.tile.openstreetmap.org/16/33884/23265.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
29 kB (29312 bytes)
Hash
dcda08f13dc9dcd8675f00a9b4d21c0b
c1d1cea32d9da31285f7a946b21115f85d7816f1
ce2f0ebc16b3a0c141868d2e66de8e3186beefa2d46b591660290875ac7f961b

HTTP Headers

GET /16/33884/23265.png HTTP/1.1
Host: c.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "dcda08f13dc9dcd8675f00a9b4d21c0b"
cache-control: max-age=11120, stale-while-revalidate=604800, stale-if-error=604800
expires: Tue, 04 Oct 2022 16:25:55 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.821848,VS0,VE1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29312
X-Firefox-Spdy: h2

c.tile.openstreetmap.org/16/33883/23266.png

151.101.85.91

200 OK

26 kB

URL HTTP/2
c.tile.openstreetmap.org/16/33883/23266.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
26 kB (26543 bytes)
Hash
09341dc4392cf520ffed019b12b18df4
d119a04a0b4692ea16a77f415463e2032b92a0eb
21a25d809a3f733a623fda10feb43d27113c4152308b3c1b4d328d94f3cb4a67

HTTP Headers

GET /16/33883/23266.png HTTP/1.1
Host: c.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "09341dc4392cf520ffed019b12b18df4"
cache-control: max-age=13307, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 01:28:59 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.827516,VS0,VE1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26543
X-Firefox-Spdy: h2

c.tile.openstreetmap.org/16/33882/23264.png

151.101.85.91

200 OK

30 kB

URL HTTP/2
c.tile.openstreetmap.org/16/33882/23264.png
IP
151.101.85.91:0
ASN
#54113 FASTLY

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
30 kB (30189 bytes)
Hash
f303e31c003fd4ba001815f69bb39af9
817713d261797b0b0854ee90be172a8ec68cef5b
4dce7650e95b58e8a1adeb3cf5bc59d685b75e7006d5afe1085f9be840277b62

HTTP Headers

GET /16/33882/23264.png HTTP/1.1
Host: c.tile.openstreetmap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.4.54 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0
etag: "f303e31c003fd4ba001815f69bb39af9"
cache-control: max-age=12730, stale-while-revalidate=604800, stale-if-error=604800
expires: Wed, 05 Oct 2022 01:19:22 GMT
access-control-allow-origin: *
x-tilerender: culebre.openstreetmap.org
content-type: image/png
accept-ranges: bytes
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 varnish
age: 27691
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664974533.827632,VS0,VE2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30189
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
2f06315c07b430603c2eab5216241069
16f3c97637ce59df3c3ac3a9c4c4341b11e76cf6
a02fdf2bcab61aec07406cecd0477bd6a3327dd294a01fb701dedb83d83111d8

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:55:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "66D30BB1C7D3E83D2FA82488DF30E86AD302FE31"
Expires: Wed, 05 Oct 2022 23:00:00 GMT
Last-Modified: Wed, 05 Oct 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3288
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75564fee49e10b41-OSL

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
2f06315c07b430603c2eab5216241069
16f3c97637ce59df3c3ac3a9c4c4341b11e76cf6
a02fdf2bcab61aec07406cecd0477bd6a3327dd294a01fb701dedb83d83111d8

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:55:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "66D30BB1C7D3E83D2FA82488DF30E86AD302FE31"
Expires: Wed, 05 Oct 2022 23:00:00 GMT
Last-Modified: Wed, 05 Oct 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3288
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75564fee5896b524-OSL

ik.imagekit.io/buudphu9p36/pic3827_E66lPf_VR

18.164.68.43

200 OK

31 kB

URL HTTP/2
ik.imagekit.io/buudphu9p36/pic3827_E66lPf_VR
IP
18.164.68.43:0
ASN
#0

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 811x900, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
31 kB (30658 bytes)
Hash
8c9e0b91f874722e0213b00de9311d39
b0767ce602357ae9c2d46b51bae4b3271c46da42
0ec5d88cda7cbc73f11407da618ed671f744f9b5eccc4f69e8acafbbc0c579c4

HTTP Headers

GET /buudphu9p36/pic3827_E66lPf_VR HTTP/1.1
Host: ik.imagekit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
content-length: 30658
x-request-id: a8d4535e-ea84-4c44-ba83-2a4d84bfcd82
x-server: ImageKit.io
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
server-timing: transformation;dur=107,download;dur=41
etag: W/"77c2-sHZ85gI1eunC1GtRuuSzJxxG2kI"
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront), 1.1 fb211c90e9ef3584bea8fd177f57995a.cloudfront.net (CloudFront)
vary: Accept
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR50-P4
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Y_vOqiHjvAizXZ5p29WCg29pQkjtWYUF2850m5oqkPWyxJHhLIopag==
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
2f06315c07b430603c2eab5216241069
16f3c97637ce59df3c3ac3a9c4c4341b11e76cf6
a02fdf2bcab61aec07406cecd0477bd6a3327dd294a01fb701dedb83d83111d8

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 12:55:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "66D30BB1C7D3E83D2FA82488DF30E86AD302FE31"
Expires: Wed, 05 Oct 2022 23:00:00 GMT
Last-Modified: Wed, 05 Oct 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3288
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75564fee5a050b41-OSL

ik.imagekit.io/buudphu9p36/pic2075_mp-THqfqn

18.164.68.43

200 OK

90 kB

URL HTTP/2
ik.imagekit.io/buudphu9p36/pic2075_mp-THqfqn
IP
18.164.68.43:0
ASN
#0

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x900, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
90 kB (89854 bytes)
Hash
d4a797247cfec85273c4ff35ed2a41c8
b8997f90e8ad0b8829d37d6c99b73fec1d63d962
2b7d338b97269b11ecb1cc02219669c526cafc5e1599b5252a93529a9766ff14

HTTP Headers

GET /buudphu9p36/pic2075_mp-THqfqn HTTP/1.1
Host: ik.imagekit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
content-length: 89854
x-request-id: 30fb4824-5419-4762-9e05-7d313f65731b
x-server: ImageKit.io
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
server-timing: download;dur=0
etag: W/"15efe-uJl/kOitC4gp031smbc/7B1j2WI"
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront), 1.1 fb211c90e9ef3584bea8fd177f57995a.cloudfront.net (CloudFront)
vary: Accept
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR50-P4
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MOGZJvbGrnJ7S8VNylNPpIzQDmR2L5yHwUbC-vg_PQg9IP-KDf4IRQ==
X-Firefox-Spdy: h2

ik.imagekit.io/buudphu9p36/pic7838_IIz0wRXcT

18.164.68.43

200 OK

40 kB

URL HTTP/2
ik.imagekit.io/buudphu9p36/pic7838_IIz0wRXcT
IP
18.164.68.43:0
ASN
#0

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x900, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
40 kB (40264 bytes)
Hash
8962bb44a546baeac88e783586de8a7b
39e1dec5f96ea70800299975ed5c74e4310e7789
e26c0f5fb3822c37fa1672ba4942da2e03782cedfd161b2a526ef3416a1fbadb

HTTP Headers

GET /buudphu9p36/pic7838_IIz0wRXcT HTTP/1.1
Host: ik.imagekit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
content-length: 40264
x-request-id: a786d69c-11ce-4b6e-9f51-eb65164ce486
x-server: ImageKit.io
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
server-timing: transformation;dur=159,download;dur=54
etag: W/"9d48-OeHexflupwgAKZl17Vx05DEOd4k"
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront), 1.1 fb211c90e9ef3584bea8fd177f57995a.cloudfront.net (CloudFront)
vary: Accept
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR50-P4
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QP6ZikvU56lXqFSicCfKWrSfxPUDMCaQcQZ8JaclURdtfJJzZKTKjw==
X-Firefox-Spdy: h2

ik.imagekit.io/buudphu9p36/pic5816_y2s2ffj1F

18.164.68.43

200 OK

65 kB

URL HTTP/2
ik.imagekit.io/buudphu9p36/pic5816_y2s2ffj1F
IP
18.164.68.43:0
ASN
#0

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x532, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
65 kB (65430 bytes)
Hash
41c8cd70409c98eef6a98b6efd007453
4c3bbae818bd6fdbd5fb1b4362e6d129bed3b85b
2b263ff1ecfa3a9337a19f9f02652ff54e05ec52d965d09e767957807743d317

HTTP Headers

GET /buudphu9p36/pic5816_y2s2ffj1F HTTP/1.1
Host: ik.imagekit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
content-length: 65430
x-request-id: 93b298d4-5bfb-4cab-a67e-c147f7befaad
x-server: ImageKit.io
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
server-timing: transformation;dur=128,download;dur=56
etag: W/"ff96-TDu66Bi9b9vV+xtDYubRKb7TuFs"
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront), 1.1 fb211c90e9ef3584bea8fd177f57995a.cloudfront.net (CloudFront)
vary: Accept
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR50-P4
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YH3UjFKRYaYuPvB_FOMhh1Q6IfBC20xpH9ysKyXjHRVQ-e8hdO6KSw==
X-Firefox-Spdy: h2

connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-aa38e86e3f98554f9f7053d7b713b4db.woff

199.33.112.228

404 Not Found

1.2 kB

URL HTTP/2
connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-aa38e86e3f98554f9f7053d7b713b4db.woff
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-aa38e86e3f98554f9f7053d7b713b4db.woff HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

108.138.212.162

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
108.138.212.162:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2262a1578bdb96a747b31fbf4e8d9b80
a0fb470cb31e2813df25a3a921570f8bca8e6ac2
92c7484304017d2060aa4c110c0a326738b45a45086e92887b3c9dae771209f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 12:55:32 GMT
Last-Modified: Wed, 05 Oct 2022 12:12:50 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 74b852b2cc37f65a489023e039126b5c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: Gq-T-3GSrIY42NigfbQoiIJ8LOmjgDEnUrD7EzNfhuuXFhpejudxeQ==
Age: 2562

ik.imagekit.io/buudphu9p36/pic6976_hv9oq6sac

18.164.68.43

200 OK

55 kB

URL HTTP/2
ik.imagekit.io/buudphu9p36/pic6976_hv9oq6sac
IP
18.164.68.43:0
ASN
#0

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x853, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
55 kB (54606 bytes)
Hash
524e4a549260158ac7c613c9aa817838
62698778068b402848ee25cbc0349306b1fca48c
23f229fd809ef8c0b3844c3765871224bc32111d93963d0b35f735892492af68

HTTP Headers

GET /buudphu9p36/pic6976_hv9oq6sac HTTP/1.1
Host: ik.imagekit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
content-length: 54606
x-request-id: 2cf206f3-19ad-40af-9c56-b4b8b019badd
x-server: ImageKit.io
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
server-timing: transformation;dur=158,download;dur=49
etag: W/"d54e-YmmHeAaLQChI7iXLwDSTBrH8pIw"
date: Wed, 05 Oct 2022 12:55:32 GMT
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront), 1.1 fb211c90e9ef3584bea8fd177f57995a.cloudfront.net (CloudFront)
vary: Accept
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR50-P4
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fNV2_jdBvJYHHYdxAVz--_dL9l2wQAHZmG0reuFIMeiIsI2htHRIUg==
X-Firefox-Spdy: h2

connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2

199.33.112.228

404 Not Found

1.2 kB

URL HTTP/2
connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2 HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 05 Oct 2022 12:55:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-aa38e86e3f98554f9f7053d7b713b4db.woff

199.33.112.228

404 Not Found

1.2 kB

URL HTTP/2
connect-safely.com/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-aa38e86e3f98554f9f7053d7b713b4db.woff
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-aa38e86e3f98554f9f7053d7b713b4db.woff HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_adebbfef77479cfae95d5dd10a7d04a7-cathedrale-st-pierre.jpg

199.33.112.228

200 OK

14 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_adebbfef77479cfae95d5dd10a7d04a7-cathedrale-st-pierre.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
14 kB (14016 bytes)
Hash
32de0fffca298a44b41d12222fa39707
8842a76869f9b051c866ce8ed30b0b5a872d9a41
a9bbb0485dd49e163dd07a06b0b7b896e85779d39d1c73ccf073071da0862182

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_adebbfef77479cfae95d5dd10a7d04a7-cathedrale-st-pierre.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:41 GMT
accept-ranges: bytes
content-length: 14016
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_cdfb66c7bf3d26fd35c17d0cf63e8ec1-jet-d-eau.jpg

199.33.112.228

200 OK

18 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_cdfb66c7bf3d26fd35c17d0cf63e8ec1-jet-d-eau.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
18 kB (17955 bytes)
Hash
dfead901e4b0a61645e4cdb5b203829a
7ac1a9ea5281d4d718c397fb5ad6feae57be737f
a9bff4c6c4819b0e21960c9f5e9ca6eac8ebf6b55961d47986f7252a0b054605

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_cdfb66c7bf3d26fd35c17d0cf63e8ec1-jet-d-eau.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:42 GMT
accept-ranges: bytes
content-length: 17955
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_c5d4ead2fff1757e819e308c3e771167-palais-des-nations.jpg

199.33.112.228

200 OK

12 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_c5d4ead2fff1757e819e308c3e771167-palais-des-nations.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
12 kB (12487 bytes)
Hash
fd5451dea89daccae3c8ca7af37899fc
5df6c7e48c3229b732f81a6dbcce1d80d421d91f
eec13052a6e3ba8d5f4e805920bdab9ae5ead09979e2269262fe421ca715117e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_c5d4ead2fff1757e819e308c3e771167-palais-des-nations.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:42 GMT
accept-ranges: bytes
content-length: 12487
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_905185bc3e36c33bea2244efcc3d6699-cern.jpg

199.33.112.228

200 OK

24 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_905185bc3e36c33bea2244efcc3d6699-cern.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
24 kB (24474 bytes)
Hash
83b4b0ea94e532915891c8c8c854de6f
4aef3020941f4a6010a458c25fc5193c76045368
7fea5e4c728a432884885084f2f4520a52da888b2eb6b685b4df115043aeaf30

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_905185bc3e36c33bea2244efcc3d6699-cern.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:41 GMT
accept-ranges: bytes
content-length: 24474
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_174809140_high.jpg

199.33.112.228

200 OK

23 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_174809140_high.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
23 kB (22675 bytes)
Hash
91ca21199aa4e06ab5cb60b0b49b7c64
7b4ae5f701738c507c59f9a1c057ffc0f45e5697
f201c8a31d6b0137a6262422d142cfa47e018b07958d97e908fe54b6f7b3c1bd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_174809140_high.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:40 GMT
accept-ranges: bytes
content-length: 22675
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_76572201.jpg

199.33.112.228

200 OK

20 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_76572201.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
20 kB (20213 bytes)
Hash
4254f473951e4f8764ca09b07f91cb1b
5371e6c419269eb9b1272f6656a4a8fe57c1434f
5e5a4bba3eb206f2b979a473030d16d5203af6d3746365451da81ec72e3f9ce9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_76572201.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:41 GMT
accept-ranges: bytes
content-length: 20213
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_GettyImages-457297564_master.jpg

199.33.112.228

200 OK

11 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_GettyImages-457297564_master.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
11 kB (11418 bytes)
Hash
4ab8582fcd00b02664d17c2c7a3cb679
55c68ed0af85ae4face37c28caabb114f5c9e183
1e1f04c5b1dd732fe938e7d023be5ca7eb46b835391503ae4736a17b746bc8d5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_GettyImages-457297564_master.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:43 GMT
accept-ranges: bytes
content-length: 11418
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_033ca7972862a534c8b1d8959947ada1-musee-suisse-du-jeu.jpg

199.33.112.228

200 OK

23 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_033ca7972862a534c8b1d8959947ada1-musee-suisse-du-jeu.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
23 kB (23430 bytes)
Hash
912e0f2aa533a4201b041b9f35d01c3a
d7e233cff2a45993e4f97bb67a669de4d7523cf5
eb586b53e551b8b7bc690e99e861652b00347e4efc5da48f17d2c2772ccb7d5a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_033ca7972862a534c8b1d8959947ada1-musee-suisse-du-jeu.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:39 GMT
accept-ranges: bytes
content-length: 23430
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_69650a41c76763a6777698ae2f02b083-mont-pelerin.jpg

199.33.112.228

200 OK

23 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_69650a41c76763a6777698ae2f02b083-mont-pelerin.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
23 kB (22877 bytes)
Hash
2adbfde697dac272415c4568242135be
49cd73c7d1a8c3e6b580d387e3b468fa10552d40
3345a666a4e23da5c20055172f3a57065a2ceae20883ae62a302acfece69d390

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_69650a41c76763a6777698ae2f02b083-mont-pelerin.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:40 GMT
accept-ranges: bytes
content-length: 22877
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_e177730f2650770bd6ff0ae460f7c0ad-chaplin-s-world.jpg

199.33.112.228

200 OK

17 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_e177730f2650770bd6ff0ae460f7c0ad-chaplin-s-world.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
17 kB (16885 bytes)
Hash
827b410c22498b3293e48e32a0838f52
523727c049568876884b573710b02de5177ddb15
eb06f8ffbbb1abe0459ef97c9c2902afc298506ea21f409fbd9f94ae9ac6911b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_e177730f2650770bd6ff0ae460f7c0ad-chaplin-s-world.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:43 GMT
accept-ranges: bytes
content-length: 16885
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_114832813.jpg

199.33.112.228

200 OK

13 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_114832813.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
13 kB (13137 bytes)
Hash
793385e8302f6137b87327c688e2b86f
e506476448800fde9de68152cba5c75b7ed944d8
d3b7ab16f72b0893f16c160232533ac340d92782e6c0d4e1a8145b561e5f68ea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_114832813.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:39 GMT
accept-ranges: bytes
content-length: 13137
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_GettyImages-542705997_super.jpg

199.33.112.228

200 OK

13 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_GettyImages-542705997_super.jpg
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 170x226, components 3\012- data
Size
13 kB (13426 bytes)
Hash
4fde41714af1b285f7cf524bdb0f57b0
1dcaddf77b54863bb29632fd4d0fa0bd0e0ef3cc
c425d6f767592099893258926b289feb54f7bdb3c3c99ea7f45f37afaef79f96

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/thumb_GettyImages-542705997_super.jpg HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/jpeg
last-modified: Tue, 04 Oct 2022 11:26:43 GMT
accept-ranges: bytes
content-length: 13426
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/icon-uc-diamond.296a9c25.gif

199.33.112.228

200 OK

17 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/icon-uc-diamond.296a9c25.gif
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
GIF image data, version 89a, 80 x 80\012- data
Size
17 kB (17080 bytes)
Hash
296a9c250dc9ee3d995629f834798cb1
2ba2be13d334999b680e36f7aa98a4ea2c7a942c
f8841ce151aecf042fb317ca4954981bca1ba5405333815a82967bea0fd50321

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/icon-uc-diamond.296a9c25.gif HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/gif
last-modified: Tue, 04 Oct 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 17080
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/zeKbcWK.gif

199.33.112.228

200 OK

2.5 kB

URL HTTP/2
connect-safely.com/airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/zeKbcWK.gif
IP
199.33.112.228:0
ASN
#23498 CDSI

File type
GIF image data, version 89a, 32 x 25\012- data
Size
2.5 kB (2536 bytes)
Hash
5b2a902a99922b3e280df65dd4173bde
58514a88d27a3df3f84f119a337908c74cd5fff2
85be262f07da3ff519720dd386a0df0f8d9ffba8e0fadbaf6ff0e0180cead338

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /airbnbcom-geneva-samir/Apartment%20for%20rent%20in%20Geneva%20-%20Yasmin%20Yolanda%20Biden%20%E2%80%A2%20Airbnb_files/zeKbcWK.gif HTTP/1.1
Host: connect-safely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect-safely.com/airbnbcom-geneva-samir/Apartment-for-rent-in-Geneva-Airbnb.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 12:55:33 GMT
content-type: image/gif
last-modified: Tue, 04 Oct 2022 11:26:44 GMT
accept-ranges: bytes
content-length: 2536
date: Wed, 05 Oct 2022 12:55:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14519
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:55:34 GMT
Connection: keep-alive

ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=b7d942f919

172.64.203.28

200 OK

4.7 kB

URL HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=b7d942f919
IP
172.64.203.28:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (26500)
Size
4.7 kB (4683 bytes)
Hash
93d1d92a36f5bb908026645916061c16
aee19147fd9c0c9d3c69c5580d053e454120542b
ac51fb7c4841e1d19769b7813f337dff4b1fa83b586b3e6b0f6e526276861d10

HTTP Headers

GET /releases/v5.15.4/css/free-v4-shims.min.css?token=b7d942f919 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect-safely.com/
Origin: https://connect-safely.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8d36edc1ce736c158ddedbd7365e2a8e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: idt3oGoMxppDe8634_K3gqDpy2TrSK1L7XhcT6DHyWWQktZHBqEoEA==
age: 51790
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjDudl82%2FM0cwIwTwq4WScmlB1%2BbggKL3FC1TdOEGiO5Cy0zEP%2F4hm3lcGQr%2FSAFlRX2oyv7Lw7wF0%2BAoW9RrGAOtCB2JCbVp07RgIYFwvl7DznwUMyGRoffZV6jelQbQuX6yr6lig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75564feb4b267324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14519
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:55:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14519
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:55:34 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10158 bytes)
Hash
4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 19562
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9907 bytes)
Hash
1bc04f249ff8da1e71ebd8bc5dfda85d
da3f9add6816af819df6aac08796dc7478dd0517
9f4a02cde38c7d61352f390a8d91cf9028652395ad55a3a49966df4a63642a85

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9907
x-amzn-requestid: b1b9a896-c745-496a-89df-b253d458f903
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWRm_EkKoAMF4cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338c95f-3330e14379849de85eb3dda4;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:12:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DkZ7D4ZQQ9VTWjHqGhSVAFfIsn2mpzB8ZVCSBE1zvytS96oJAmDL2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:42:26 GMT
age: 51188
etag: "da3f9add6816af819df6aac08796dc7478dd0517"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3585 bytes)
Hash
5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T8m1q2L45TWDVRBa-R2W70yq9BauBK3G4IX54AGIxdRhG736T974kg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:05:29 GMT
age: 31805
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5832 bytes)
Hash
3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WWClzLGprno--c75q63i1TFi8oBEdAYW-J4lCk9V8IELQXe6q0A05A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 54780
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8926 bytes)
Hash
1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 54780
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (17279 bytes)
Hash
420f8420af76fa258690bb842ff38db7
a37e39e4429d869abcf95cf3cb2c74675e174040
1d45d4f188ff54b5f66cd3c828affdd5d90b621c875c58a9fa6cd265f456d622

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 17279
x-amzn-requestid: 381c1622-0b7a-407a-a98e-ad5e10b67a33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1ExxoAMFsAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4ed02978326aebf338ccd998;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CIZCBfsULoj_hm3G56Um57QTYuGUjN63x_H1Bb3xPKeacmsrTLqLYw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 54780
etag: "a37e39e4429d869abcf95cf3cb2c74675e174040"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
363705d8582b6d728abfb988755806f0
4493704b29687839bf50a9333e31baecfd579c24
4cf0c601c73b7d578d4eafca70cd24e44babc3390cddbd048959d04828d29f05

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3449
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:55:36 GMT
Last-Modified: Wed, 05 Oct 2022 11:58:07 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2

52.35.225.239

200 OK

8 B

URL HTTP/1.1
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
52.35.225.239:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
8 B (8 bytes)
Hash
29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b

HTTP Headers

POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Wed, 05 Oct 2022 12:55:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close

ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=b7d942f919

172.64.203.28

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=b7d942f919
IP
172.64.203.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/free.min.css?token=b7d942f919 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect-safely.com/
Origin: https://connect-safely.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ce738519b722f3350531751d4205f8f4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: SGNz2exsFuWCQn_-EHeTv30yO1VsGCk2Vr1BrhSKiHeRPLCKySBGdA==
age: 51790
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TbdS%2Fcgret7zVac5pLgFXtIOg4lA7%2B19UMHs11N2hARmN%2BSjKZ8yDd0xQ%2FNHZhHEaYxY%2Fzyb8n3RBHvh%2Bf%2Bao9O0DLAa1QluBbKUZbu0vJS%2BWsJGJfl7YIGZMFF0Dd9qcQMDvLnYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75564feb4b297324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=b7d942f919

172.64.203.28

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=b7d942f919
IP
172.64.203.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=b7d942f919 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect-safely.com/
Origin: https://connect-safely.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:55:32 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c58391b07051938ceda6615614fbabb0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: SOdq3454VTh2Ietze42qrwPqeyQ94m3KoPPRht3_-jm7wG8d-3tcMg==
age: 51790
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvcLEs7eh%2Fu%2Fclimu0HVWbIb5If1gYO4aGm%2Fm2ueeG4QDGNVgULCUf4rgVCxk15DssjStMjJdTB%2BVxL7NlUrtWFWD4x2vlRixzJ%2F5E%2FpV4TIW0XU1ORlThC6qAaAfDxpaG6QJemeGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75564feb3b207324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations