r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3187
Expires: Tue, 29 Nov 2022 04:36:01 GMT
Date: Tue, 29 Nov 2022 03:42:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6407
Cache-Control: max-age=117314
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:42:54 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:18:08 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5471
Expires: Tue, 29 Nov 2022 05:14:05 GMT
Date: Tue, 29 Nov 2022 03:42:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 03:19:35 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1399
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jkrqTxpkz4nChcHIRFxtjngabOlYF14AxN/UQUNJA3ke0ZOXL3vrD0ji6YMYjV5FFdzpCDJ2ZsE=
x-amz-request-id: XZE1SG39HEJXZTJM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 03:42:21 GMT
age: 33
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
mycoffeekiss.com/
172.67.214.180301 Moved Permanently 707 B IP 172.67.214.180:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: mycoffeekiss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 03:42:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://mycoffeekiss.com/
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFf4EZbRY7TM4%2FgSLBh%2BHWMQPiWU7TdXcA%2B541PIbgyOT3qfLcYbbMU04iWRLQ5wfGgahPrHLCvErbICMPPSsVEE8VPCJZX2lLWL64eFRCrrTPfpz7xJVfGc3joN72Bx7s7p"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771856042dbe0b65-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7d20f460fba91b014e617f4312559cdc
c73d285fb55919db85a5e86305caa6caefa0de75
ad66e678fd7b899ff1478b82cd5c9a01ad8321bbb98fc65b53db7d1ff9578937
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=93937
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:42:54 GMT
Etag: "63844baf-118"
Expires: Wed, 30 Nov 2022 05:48:31 GMT
Last-Modified: Mon, 28 Nov 2022 05:48:31 GMT
Server: nginx
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 03:11:13 GMT
cache-control: public,max-age=3600
age: 1901
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6449
Cache-Control: max-age=112289
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:42:55 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:54:24 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7d20f460fba91b014e617f4312559cdc
c73d285fb55919db85a5e86305caa6caefa0de75
ad66e678fd7b899ff1478b82cd5c9a01ad8321bbb98fc65b53db7d1ff9578937
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=93937
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:42:55 GMT
Etag: "63844baf-118"
Expires: Wed, 30 Nov 2022 05:48:32 GMT
Last-Modified: Mon, 28 Nov 2022 05:48:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
192.0.77.37200 OK 217 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Wed, 29 Nov 2023 03:42:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:42:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.wp.com/e-202247.js
192.0.76.3200 OK 3.5 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash c449fe62a0fa87c4239fe86ffcef5620
dbd29ebd9d8c80442dc64360b65738975f745cfb
ddacd7f6a64b7118c9f1f018001969441e78b4ea9ddcfb7759bf2dcd4658bb13
GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.163.49.154101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.49.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6kdMi8+4zsd83GeBdKaDzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: woTjjA6okWJgrL2cOcx41zzbjGk=
r3.o.lencr.org/
23.36.76.226200 OK 4.9 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a1f666f0955bc745f6086b26d045c648
7bd6116dc608e05659c693958843ecb53d501f86
c4dd3b2a9af74962a681a196ef610807692f09f6fcb0d9ab076aa7dd155888b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1133EF4B639F7013F885832480233EA5B005FE3E4AD3D965C2475D0C8EF4568F"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3295
Expires: Tue, 29 Nov 2022 04:37:50 GMT
Date: Tue, 29 Nov 2022 03:42:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:42:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T011536.738_11zon_11zon-1.jpg?resize=650%2C400&ssl=1
192.0.77.2200 OK 16 kB URL HTTP/2 i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T011536.738_11zon_11zon-1.jpg?resize=650%2C400&ssl=1
IP 192.0.77.2:0
Hash c6756e32dcf46c2340a0fb5329198868
2f63bfb4465f381ea48387abc143282730355750
40aae75c73476fcf619c4c2a9428a7c38bd6deae6f0a3ab85a5b0cda9c3c524f
GET /mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T011536.738_11zon_11zon-1.jpg?resize=650%2C400&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: image/webp
content-length: 12756
last-modified: Sat, 26 Nov 2022 13:34:56 GMT
expires: Tue, 26 Nov 2024 01:34:56 GMT
cache-control: public, max-age=63115200
link: <https://mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T011536.738_11zon_11zon-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a619915e735c4945"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:42:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-16T091548.542_11zon.jpg?resize=530%2C415&ssl=1
192.0.77.2200 OK 7.3 kB URL HTTP/2 i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-16T091548.542_11zon.jpg?resize=530%2C415&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 530x415, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aab96cb849ca3f52820ace17faa65019
d70184bcaeb412546075d2dbb7ac1f0483ccb9dc
48b0a0b395382ec279fc1bb9757157d95ea43fd7ca955d860fec5875b379ac24
GET /mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-16T091548.542_11zon.jpg?resize=530%2C415&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: image/webp
content-length: 7312
last-modified: Sat, 26 Nov 2022 13:34:56 GMT
expires: Tue, 26 Nov 2024 01:34:56 GMT
cache-control: public, max-age=63115200
link: <https://mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-16T091548.542_11zon.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "deab7cd37127bc7c"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T012653.925_11zon_11zon.jpg?resize=650%2C600&ssl=1
192.0.77.2200 OK 24 kB URL HTTP/2 i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T012653.925_11zon_11zon.jpg?resize=650%2C600&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 650x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 25d44635dbc4cfafc40276edb6f0fb99
1d0026e326fda6dadb1623c9d8ef9387baa6db9c
a6017a6d0e16ed2c4279ad7e750893a7ac052699d0d21fff5d4de7329c3dee9f
GET /mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T012653.925_11zon_11zon.jpg?resize=650%2C600&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: image/webp
content-length: 23554
last-modified: Sat, 26 Nov 2022 13:34:57 GMT
expires: Tue, 26 Nov 2024 01:34:57 GMT
cache-control: public, max-age=63115200
link: <https://mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T012653.925_11zon_11zon.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "459f9f142102603d"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.195200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycoffeekiss.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:38:57 GMT
expires: Fri, 24 Nov 2023 21:38:57 GMT
cache-control: public, max-age=31536000
age: 367438
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
Hash 814c8983ca68be993bc178dcc616acc4
65c0b347a9439161f0bb8cf30f5d182a021538b6
0ae40a1c4c5e8dc93c10d69bb9a71e355194f637ddcb03dd0f6595dd5f31d17f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycoffeekiss.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:48:50 GMT
expires: Thu, 23 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 453245
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 39 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (65447)
Hash 553479005bd4768a8c054ddc0d85eeb9
4b830ab8b5021f78588f26f93f069b2474f405b3
d76bafdeca6db0d6cad734a328e2fdc158fde7f5ad39c8e6e6e48f1e623bbee5
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Wed, 29 Nov 2023 03:42:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-16T235700.054_11zon.jpg?resize=414%2C467&ssl=1
192.0.77.2200 OK 9.3 kB URL HTTP/2 i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-16T235700.054_11zon.jpg?resize=414%2C467&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 414x467, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fe39f225c3479914407c2b60d1161d22
e2e379473612c59ee38da6f9f5dbd069da29cc5e
82014c68fe976b3524fb1bc550ca88ce6bff65831e600412eb8b57594147fc88
GET /mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-16T235700.054_11zon.jpg?resize=414%2C467&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: image/webp
content-length: 9338
last-modified: Sat, 26 Nov 2022 13:34:56 GMT
expires: Tue, 26 Nov 2024 01:34:56 GMT
cache-control: public, max-age=63115200
link: <https://mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-16T235700.054_11zon.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6dfd2138f36d8919"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T001532.802_11zon.jpg?resize=420%2C462&ssl=1
192.0.77.2200 OK 17 kB URL HTTP/2 i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T001532.802_11zon.jpg?resize=420%2C462&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 420x462, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 648fef978c01cefa480f454008426708
0f0438370d93065aea65480baae5c5b96d5f6aea
d0891c4dc29891cfceeb349b3d0cd4c4f30ab99d608aab2944b92f63438d962c
GET /mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T001532.802_11zon.jpg?resize=420%2C462&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: image/webp
content-length: 16602
last-modified: Sat, 26 Nov 2022 13:34:56 GMT
expires: Tue, 26 Nov 2024 01:34:56 GMT
cache-control: public, max-age=63115200
link: <https://mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T001532.802_11zon.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "0cf4a16157c82dff"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycoffeekiss.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:30:59 GMT
expires: Thu, 23 Nov 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 461516
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T003301.268_11zon.jpg?resize=513%2C413&ssl=1
192.0.77.2200 OK 14 kB URL HTTP/2 i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T003301.268_11zon.jpg?resize=513%2C413&ssl=1
IP 192.0.77.2:0
Hash 1c5c08d5ca047e2d99ec8b1b6b8a256e
c72b086167f7cf017de0d78d1ad9a716ef90e908
1287a74058c6109034a2b0738a9e8627429efa7db303d7f9c7c14f4d1babda0b
GET /mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T003301.268_11zon.jpg?resize=513%2C413&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: image/webp
content-length: 8268
last-modified: Sat, 26 Nov 2022 13:34:56 GMT
expires: Tue, 26 Nov 2024 01:34:56 GMT
cache-control: public, max-age=63115200
link: <https://mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T003301.268_11zon.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4bca967e67cc57f6"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T005820.936_11zon_11zon.jpg?resize=650%2C400&ssl=1
192.0.77.2200 OK 11 kB URL HTTP/2 i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T005820.936_11zon_11zon.jpg?resize=650%2C400&ssl=1
IP 192.0.77.2:0
Hash fabfc64e23eb2aa8186f6956500328e4
21e6dfae607536727b2c2d7662b2f82df733d185
1743700cfcd99920f83da09b84f34bf8bf7963853ab176a9352c8962afaa8837
GET /mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T005820.936_11zon_11zon.jpg?resize=650%2C400&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: image/webp
content-length: 6960
last-modified: Sat, 26 Nov 2022 13:34:56 GMT
expires: Tue, 26 Nov 2024 01:34:56 GMT
cache-control: public, max-age=63115200
link: <https://mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T005820.936_11zon_11zon.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5b20cb40d878c144"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T013934.968_11zon_11zon.jpg?resize=650%2C600&ssl=1
192.0.77.2200 OK 16 kB URL HTTP/2 i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T013934.968_11zon_11zon.jpg?resize=650%2C600&ssl=1
IP 192.0.77.2:0
Hash a6ca8113749635e92e5b3d8e4139f41f
b632331859ef28d61d96432105618de1abcb005f
753c1caf591828b402c7352277ec39ffb61060f70f7676169422f54983ea80b6
GET /mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T013934.968_11zon_11zon.jpg?resize=650%2C600&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: image/webp
content-length: 13932
last-modified: Sat, 26 Nov 2022 13:34:56 GMT
expires: Tue, 26 Nov 2024 01:34:56 GMT
cache-control: public, max-age=63115200
link: <https://mycoffeekiss.com/wp-content/uploads/2022/09/download-2022-09-17T013934.968_11zon_11zon.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "62cace171247ee0e"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 03:42:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pl17666130.profitablegatetocontent.com/2c/24/ac/2c24ac8e242dd31675f9930f571685cc.js
192.243.61.227200 OK 13 kB URL HTTP/1.1 pl17666130.profitablegatetocontent.com/2c/24/ac/2c24ac8e242dd31675f9930f571685cc.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37131), with no line terminators
Hash ac5b8513c46cbf4a1cb33ae2b65ab641
be836bda9fb0b824f73730f73cf94ad28008e59b
640e840625376508602cdef3a63146e7d6454d4f7e37f1e91608b8a8a9b191d7
Analyzer Verdict Alert quad9 Sinkholed
GET /2c/24/ac/2c24ac8e242dd31675f9930f571685cc.js HTTP/1.1
Host: pl17666130.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 03:42:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8ec29410202fb61e7a1fba0de9a11a03
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pixel.wp.com/g.gif?v=ext&blog=200479007&post=0&tz=0&srv=mycoffeekiss.com&j=1%3A11.5.1&host=mycoffeekiss.com&ref=&fcp=1843&rand=0.4916191535541439
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=200479007&post=0&tz=0&srv=mycoffeekiss.com&j=1%3A11.5.1&host=mycoffeekiss.com&ref=&fcp=1843&rand=0.4916191535541439
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=200479007&post=0&tz=0&srv=mycoffeekiss.com&j=1%3A11.5.1&host=mycoffeekiss.com&ref=&fcp=1843&rand=0.4916191535541439 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:56 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 635eba2ec841f80118a858a94bb84ff5
591895548f1f166a16c790740656cb194d0f7760
d2e62fd34b70872cb8f68cd1fdae7f1476019968f63accab24e4d822933c07ff
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D2E62FD34B70872CB8F68CD1FDAE7F1476019968F63ACCAB24E4D822933C07FF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4354
Expires: Tue, 29 Nov 2022 04:55:30 GMT
Date: Tue, 29 Nov 2022 03:42:56 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 94d394d6beaad25971b7f1e02d93b841
07359fac8e3e5c10dee86bdb0d2a468ab90d8f9a
06c4f25efd09668ee6bc8cc7b4d278841c5abb5d31c0e029cda8b43c4ee4a489
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127409
Date: Tue, 29 Nov 2022 03:42:56 GMT
Etag: "6384b816-1d7"
Expires: Wed, 30 Nov 2022 15:06:25 GMT
Last-Modified: Mon, 28 Nov 2022 13:31:02 GMT
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Y3UZVRsqj_019qY3s_889gSi6s2eSWyKiXiuoMsix10BRRoVHo1BgQ==
Age: 5723
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 3892952e2aa30fd99aa8b38af94576eb
4ad7565d257ecaec1257e83973f4797c15df55a0
e28ab35fb6ec8ae099dbdf6f7d91582ad8d24cf4e912ff43a65b4ac0d818f223
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycoffeekiss.com
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:42:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mycoffeekiss.com
access-control-allow-credentials: true
set-cookie: uid_id2=01d27615-e4d1-4c4a-a562-26443d03aeaf:1:1; expires=Fri, 26 Nov 2032 03:42:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 635eba2ec841f80118a858a94bb84ff5
591895548f1f166a16c790740656cb194d0f7760
d2e62fd34b70872cb8f68cd1fdae7f1476019968f63accab24e4d822933c07ff
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D2E62FD34B70872CB8F68CD1FDAE7F1476019968F63ACCAB24E4D822933C07FF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4354
Expires: Tue, 29 Nov 2022 04:55:30 GMT
Date: Tue, 29 Nov 2022 03:42:56 GMT
Connection: keep-alive
i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/cropped-quadrat-kasten-oder-wurfel-des-buchstaben-s-negativer-raum-logo-design-element-102296264-1.jpg?fit=32%2C32&ssl=1
192.0.77.2200 OK 372 B URL HTTP/2 i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/cropped-quadrat-kasten-oder-wurfel-des-buchstaben-s-negativer-raum-logo-design-element-102296264-1.jpg?fit=32%2C32&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f156d1451bc0128cb53cc608dfa91993
0f2af58ad94d2d8b40b92968e0ad362a4d745721
b97ffea04265c795e66aa8d832789c01997d113b1bdda3dd0b67d2ae2ddd996e
GET /mycoffeekiss.com/wp-content/uploads/2022/09/cropped-quadrat-kasten-oder-wurfel-des-buchstaben-s-negativer-raum-logo-design-element-102296264-1.jpg?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:56 GMT
content-type: image/webp
content-length: 372
last-modified: Fri, 25 Nov 2022 10:24:48 GMT
expires: Sun, 24 Nov 2024 22:24:48 GMT
cache-control: public, max-age=63115200
link: <https://mycoffeekiss.com/wp-content/uploads/2022/09/cropped-quadrat-kasten-oder-wurfel-des-buchstaben-s-negativer-raum-logo-design-element-102296264-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1f613359d281212f"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/cropped-quadrat-kasten-oder-wurfel-des-buchstaben-s-negativer-raum-logo-design-element-102296264-1.jpg?fit=192%2C192&ssl=1
192.0.77.2200 OK 3.0 kB URL HTTP/2 i0.wp.com/mycoffeekiss.com/wp-content/uploads/2022/09/cropped-quadrat-kasten-oder-wurfel-des-buchstaben-s-negativer-raum-logo-design-element-102296264-1.jpg?fit=192%2C192&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da649ef2bafc841df0206f6bb57dc4ff
4c0a49493c434273537d0d95bd54641ac6075ba3
37116db5916f6156ff1543c3767ef411722791417567d70e7e871e4a934c7c3f
GET /mycoffeekiss.com/wp-content/uploads/2022/09/cropped-quadrat-kasten-oder-wurfel-des-buchstaben-s-negativer-raum-logo-design-element-102296264-1.jpg?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:56 GMT
content-type: image/webp
content-length: 2966
last-modified: Thu, 08 Sep 2022 21:51:23 GMT
expires: Sun, 08 Sep 2024 09:51:23 GMT
cache-control: public, max-age=63115200
link: <https://mycoffeekiss.com/wp-content/uploads/2022/09/cropped-quadrat-kasten-oder-wurfel-des-buchstaben-s-negativer-raum-logo-design-element-102296264-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "2cc562ed01a937f4"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6015
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 03:42:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6015
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 03:42:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6015
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 03:42:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6015
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 03:42:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6015
Expires: Tue, 29 Nov 2022 05:23:11 GMT
Date: Tue, 29 Nov 2022 03:42:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 21168
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 2499
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4058fd62595d15c58b3d3266de9865a
d0dff35eb78f129b5da407043037bcf9c27e55c0
ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BUuT9WFwAQMnl8JiTDKo-zHgDL0AdjAAAIh0Mx405zbGwhvRouebQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 12:30:42 GMT
age: 54734
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: awi49MMMlK51wHPbyBrBkL4N4g9lX3ea40LxyrYbYxe_FsfqelTcTQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:57:05 GMT
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
age: 20751
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73001f7390ae3a80bbbaa9d9bacbe488
f0410522b6dad8ebcbc2a64ff2193bafcfdc862e
49c02723bab596584abe2dd3dcb11c660538516587911ee033dd0e6e8ea5889f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6716
x-amzn-requestid: 51e9f59e-558e-4bb4-8db5-741e0272f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV3cHHwqIAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63856c4d-48ecac9a4da2995b41abec49;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 02:19:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wyF7fr2HqPh1eMePdqbRp2_SNhDOFYEki_pvMQGi0INPRR9QxznyGg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:33:53 GMT
etag: "f0410522b6dad8ebcbc2a64ff2193bafcfdc862e"
content-type: image/jpeg
age: 4143
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 415b1b1d5a29fc17b4114bb3df1d1c22
600859401c885cc2cdd1f199cccc198eb41d6a04
abfbf4ecf2423736a29686859f6a8f2b77204b48f3f60d208f6d491e80611e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7549
x-amzn-requestid: bb37235a-8c7d-47fe-abb6-6cc633560165
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP-7lHmsoAMF9lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638311e3-1f2a4abc40119f3e026dc393;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:29:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -aUqAfyrtMO0hkr2J2lm5SNNFdtaJj-F2dpBULvXjfOV205Ksm0iHw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 21653
etag: "600859401c885cc2cdd1f199cccc198eb41d6a04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e070a2e472bf49ff35a7ac2946f41432
9631586d77f0490e24b120c15f242ba3d3605e83
c36e0fbc295a7addbaebcf0a1063dace45c4298077b48628f7ec38a3dd6f73e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C36E0FBC295A7ADDBAEBCF0A1063DACE45C4298077B48628F7EC38A3DD6F73E9"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18649
Expires: Tue, 29 Nov 2022 08:53:46 GMT
Date: Tue, 29 Nov 2022 03:42:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd71cb59bfd5e31191d61da63fec244a
998886e4743fc393838dbee7a6632d392e268e73
54672c525e2462ddbb2e84b80945daede2e13469b8817d636dc12d5bb0b3bc47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54672C525E2462DDBB2E84B80945DAEDE2E13469B8817D636DC12D5BB0B3BC47"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3208
Expires: Tue, 29 Nov 2022 04:36:25 GMT
Date: Tue, 29 Nov 2022 03:42:57 GMT
Connection: keep-alive
veilsuccessfully.com/sbar.json?key=2c24ac8e242dd31675f9930f571685cc&uuid=01d27615-e4d1-4c4a-a562-26443d03aeaf%3A1%3A1
173.233.137.52200 OK 2.5 kB URL HTTP/1.1 veilsuccessfully.com/sbar.json?key=2c24ac8e242dd31675f9930f571685cc&uuid=01d27615-e4d1-4c4a-a562-26443d03aeaf%3A1%3A1
IP 173.233.137.52:0
File type JSON data\012- , ASCII text, with very long lines (5886), with no line terminators
Hash 01f5f29427d22b5ca6c22eb751a0f560
bf66c5523ae4e12e368f74a103ba87fe8183d927
d4d232f7d1973adc37d7fe3b286aa8abf4cfa9d48f7ea8a9b4edf735b7a65a69
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=2c24ac8e242dd31675f9930f571685cc&uuid=01d27615-e4d1-4c4a-a562-26443d03aeaf%3A1%3A1 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycoffeekiss.com
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 03:42:57 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mycoffeekiss.com
Access-Control-Allow-Origin: https://mycoffeekiss.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17565631; expires=Wed, 30 Nov 2022 03:42:57 GMT; secure; SameSite=None
uid_id2=01d27615-e4d1-4c4a-a562-26443d03aeaf:1:1; expires=Tue, 06 Dec 2022 03:42:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 30 Nov 2022 03:42:57 GMT; secure; SameSite=None
uncs=1; expires=Wed, 30 Nov 2022 03:42:57 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 30 Nov 2022 03:42:57 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 30 Nov 2022 03:42:57 GMT; secure; SameSite=None
slec2c24ac8e242dd31675f9930f571685cc=[3760946]; expires=Tue, 29 Nov 2022 03:43:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b99c442e3f4d1ebb9b72d40efc0baf45
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
veilsuccessfully.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujqsBfxwMXoQog%2BSg4M72z5kdc1jyw0gwv0giOVdXVe%2BWW93VVHVP7%2B7F1aDkoDAqYrz1frObRQ2S3JXE2Vx0QMh4CHvIHvwHFALxKjM7sPig6r2q7zu873vvs41yj7go6e6l83pNKkXnoqbbePOazLiubOPC1YbnNt3jjWsya4XHGyvjy3Tf8dyo6b7VeE%2BwZT3nu57req7XOCONSPTK3ASFzG93vGbHbYZ%2B04tCrJj%2Fv23pwFIHvLtHjkDy0bNLv92FZANk6Z3Twi4XOn%2F73bRUtNAGXb79Qbac6SpDelAmxkGSbU%2FZ0HZEyM1D0Nn2VAF0d3OsALEcEeeRhzjbnraJuLu132msIDLE%2FAVU3QGEGkDSAZi%2BDskfEoBxXLiILL11QZuKru6jdIyOyMzTJ5DViMw8fgVZ%2BtNJJVcaV7QqC6kzi5WkhlwZQC4OkJc7KNYcyGoHrPgEkv9B5p6eQ5ZuXrRKQ%2FLdY67H%2FXbLi2ZFyL3ZkIV0lkYtf9ZvhWHA3YAKmkwsknIAmQygRA%2FUOijHRzooEwdl7iDluw0adRLXbSdxEgTzIWMsCBiL5ls84kE4n7go2VhDD0XeA1M9MLOO3KxjWfZgyvuwSzUsd2ALgi6vUQmCyhJUlKCSBFVBUHXrLa6sb%2BtbXNky9qbZn%2Bag7uticYNu6WJRZGQj3yMvj41zXjx8D8tit%2BEzP6RsXvihz3ngtdpR0ukEbhK1vdZ8xBisrCHtoYnMNTkiR7%2F4F7kckcMnXkJMd2DVDpg8Clq%2BBlr1274LutQP512sZXfSVaaTRIhlaW2T6RRc18iLGRSrzobaI69OhthhPgQbLjz5%2Ff71I9lNMFMjNzU%2BlA8IFtWN%2FmVdkc3LurLk7sW8kKlco%2BMBXyloIWZ%2BeF%2BsVtrws6dt7%2FsTbAyMy9tXhS3O0YzLbNGSH09KzoU5ow0T5Jez9pqIL5V26WRpsjI%2Fd%2BnUmbNpboS1UmcDUPmw%2FTWYHJHnz69PVvf1zx9AmgFMWSMth2QakHoHLF%2BHzYcLf5%2F65uPnjj2G1QRGHXDi3EFV1n3jxwefSo5I8N0bUGK48NWNb5d%2BfvQXaFzDigMbYjG8988%2Bf8PewKJxQIvryNIaXVOjq2pQ1YMtn%2BkXuRku%2FBlMArFy%2BrEyzmasjPpy314rdxsiStxEuL6Ik06ctKnLO0nYiWnHE%2B04oh4KO2KffvTrfwAAAP%2F%2FAQAA%2F%2F%2Fbg6e4lgQAAA%3D%3D
173.233.137.52200 OK 7 B URL HTTP/1.1 veilsuccessfully.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujqsBfxwMXoQog%2BSg4M72z5kdc1jyw0gwv0giOVdXVe%2BWW93VVHVP7%2B7F1aDkoDAqYrz1frObRQ2S3JXE2Vx0QMh4CHvIHvwHFALxKjM7sPig6r2q7zu873vvs41yj7go6e6l83pNKkXnoqbbePOazLiubOPC1YbnNt3jjWsya4XHGyvjy3Tf8dyo6b7VeE%2BwZT3nu57req7XOCONSPTK3ASFzG93vGbHbYZ%2B04tCrJj%2Fv23pwFIHvLtHjkDy0bNLv92FZANk6Z3Twi4XOn%2F73bRUtNAGXb79Qbac6SpDelAmxkGSbU%2FZ0HZEyM1D0Nn2VAF0d3OsALEcEeeRhzjbnraJuLu132msIDLE%2FAVU3QGEGkDSAZi%2BDskfEoBxXLiILL11QZuKru6jdIyOyMzTJ5DViMw8fgVZ%2BtNJJVcaV7QqC6kzi5WkhlwZQC4OkJc7KNYcyGoHrPgEkv9B5p6eQ5ZuXrRKQ%2FLdY67H%2FXbLi2ZFyL3ZkIV0lkYtf9ZvhWHA3YAKmkwsknIAmQygRA%2FUOijHRzooEwdl7iDluw0adRLXbSdxEgTzIWMsCBiL5ls84kE4n7go2VhDD0XeA1M9MLOO3KxjWfZgyvuwSzUsd2ALgi6vUQmCyhJUlKCSBFVBUHXrLa6sb%2BtbXNky9qbZn%2Bag7uticYNu6WJRZGQj3yMvj41zXjx8D8tit%2BEzP6RsXvihz3ngtdpR0ukEbhK1vdZ8xBisrCHtoYnMNTkiR7%2F4F7kckcMnXkJMd2DVDpg8Clq%2BBlr1274LutQP512sZXfSVaaTRIhlaW2T6RRc18iLGRSrzobaI69OhthhPgQbLjz5%2Ff71I9lNMFMjNzU%2BlA8IFtWN%2FmVdkc3LurLk7sW8kKlco%2BMBXyloIWZ%2BeF%2BsVtrws6dt7%2FsTbAyMy9tXhS3O0YzLbNGSH09KzoU5ow0T5Jez9pqIL5V26WRpsjI%2Fd%2BnUmbNpboS1UmcDUPmw%2FTWYHJHnz69PVvf1zx9AmgFMWSMth2QakHoHLF%2BHzYcLf5%2F65uPnjj2G1QRGHXDi3EFV1n3jxwefSo5I8N0bUGK48NWNb5d%2BfvQXaFzDigMbYjG8988%2Bf8PewKJxQIvryNIaXVOjq2pQ1YMtn%2BkXuRku%2FBlMArFy%2BrEyzmasjPpy314rdxsiStxEuL6Ik06ctKnLO0nYiWnHE%2B04oh4KO2KffvTrfwAAAP%2F%2FAQAA%2F%2F%2Fbg6e4lgQAAA%3D%3D
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujqsBfxwMXoQog%2BSg4M72z5kdc1jyw0gwv0giOVdXVe%2BWW93VVHVP7%2B7F1aDkoDAqYrz1frObRQ2S3JXE2Vx0QMh4CHvIHvwHFALxKjM7sPig6r2q7zu873vvs41yj7go6e6l83pNKkXnoqbbePOazLiubOPC1YbnNt3jjWsya4XHGyvjy3Tf8dyo6b7VeE%2BwZT3nu57req7XOCONSPTK3ASFzG93vGbHbYZ%2B04tCrJj%2Fv23pwFIHvLtHjkDy0bNLv92FZANk6Z3Twi4XOn%2F73bRUtNAGXb79Qbac6SpDelAmxkGSbU%2FZ0HZEyM1D0Nn2VAF0d3OsALEcEeeRhzjbnraJuLu132msIDLE%2FAVU3QGEGkDSAZi%2BDskfEoBxXLiILL11QZuKru6jdIyOyMzTJ5DViMw8fgVZ%2BtNJJVcaV7QqC6kzi5WkhlwZQC4OkJc7KNYcyGoHrPgEkv9B5p6eQ5ZuXrRKQ%2FLdY67H%2FXbLi2ZFyL3ZkIV0lkYtf9ZvhWHA3YAKmkwsknIAmQygRA%2FUOijHRzooEwdl7iDluw0adRLXbSdxEgTzIWMsCBiL5ls84kE4n7go2VhDD0XeA1M9MLOO3KxjWfZgyvuwSzUsd2ALgi6vUQmCyhJUlKCSBFVBUHXrLa6sb%2BtbXNky9qbZn%2Bag7uticYNu6WJRZGQj3yMvj41zXjx8D8tit%2BEzP6RsXvihz3ngtdpR0ukEbhK1vdZ8xBisrCHtoYnMNTkiR7%2F4F7kckcMnXkJMd2DVDpg8Clq%2BBlr1274LutQP512sZXfSVaaTRIhlaW2T6RRc18iLGRSrzobaI69OhthhPgQbLjz5%2Ff71I9lNMFMjNzU%2BlA8IFtWN%2FmVdkc3LurLk7sW8kKlco%2BMBXyloIWZ%2BeF%2BsVtrws6dt7%2FsTbAyMy9tXhS3O0YzLbNGSH09KzoU5ow0T5Jez9pqIL5V26WRpsjI%2Fd%2BnUmbNpboS1UmcDUPmw%2FTWYHJHnz69PVvf1zx9AmgFMWSMth2QakHoHLF%2BHzYcLf5%2F65uPnjj2G1QRGHXDi3EFV1n3jxwefSo5I8N0bUGK48NWNb5d%2BfvQXaFzDigMbYjG8988%2Bf8PewKJxQIvryNIaXVOjq2pQ1YMtn%2BkXuRku%2FBlMArFy%2BrEyzmasjPpy314rdxsiStxEuL6Ik06ctKnLO0nYiWnHE%2B04oh4KO2KffvTrfwAAAP%2F%2FAQAA%2F%2F%2Fbg6e4lgQAAA%3D%3D HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Cookie: u_pl=17565631; uid_id2=01d27615-e4d1-4c4a-a562-26443d03aeaf:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2c24ac8e242dd31675f9930f571685cc=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 03:42:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4ae3fc77d8f97ed3c8ee6eef016a0a51
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=01d27615-e4d1-4c4a-a562-26443d03aeaf&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=2c24ac8e242dd31675f9930f571685cc&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=01d27615-e4d1-4c4a-a562-26443d03aeaf&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=2c24ac8e242dd31675f9930f571685cc&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=01d27615-e4d1-4c4a-a562-26443d03aeaf&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=2c24ac8e242dd31675f9930f571685cc&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 03:42:57 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7b0772bb790b3f8c7d4663615027c6fe
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 666862f4814e01580d5eda6267101cf3
df635667f6dae8be205caf550fc95c16d17a01a5
f6f33ec68b533f749a2cef620edba5fba65b437d2dd9e7a8bd6d3e19d0581db6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F33EC68B533F749A2CEF620EDBA5FBA65B437D2DD9E7A8BD6D3E19D0581DB6"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9662
Expires: Tue, 29 Nov 2022 06:23:59 GMT
Date: Tue, 29 Nov 2022 03:42:57 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3c22f6742a681063615a548ae5fbc532
631eaaad4049c5b6f54eb2b4e127b77240868636
a8e170fec241ad3ec9acc075fa8d7ce2184d129bf69f5ace3e7229aa3bfd59c7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A8E170FEC241AD3EC9ACC075FA8D7CE2184D129BF69F5ACE3E7229AA3BFD59C7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8911
Expires: Tue, 29 Nov 2022 06:11:28 GMT
Date: Tue, 29 Nov 2022 03:42:57 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3c22f6742a681063615a548ae5fbc532
631eaaad4049c5b6f54eb2b4e127b77240868636
a8e170fec241ad3ec9acc075fa8d7ce2184d129bf69f5ace3e7229aa3bfd59c7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A8E170FEC241AD3EC9ACC075FA8D7CE2184D129BF69F5ACE3E7229AA3BFD59C7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8911
Expires: Tue, 29 Nov 2022 06:11:28 GMT
Date: Tue, 29 Nov 2022 03:42:57 GMT
Connection: keep-alive
veilsuccessfully.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=397
173.233.137.52200 OK 0 B URL HTTP/1.1 veilsuccessfully.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=397
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=397 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Cookie: u_pl=17565631; uid_id2=01d27615-e4d1-4c4a-a562-26443d03aeaf:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2c24ac8e242dd31675f9930f571685cc=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 03:42:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
172.64.108.13200 OK 9.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
IP 172.64.108.13:0
File type PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Hash 910542c04f8bf2f90ee33d17d538a006
18d5943e5d51539038f7988c34bccef2937c5545
5969cb3c5c4f573f5c05035ddf9748ee17d5c71df6fca4e484f65d30e2694e57
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:42:57 GMT
content-type: image/png
content-length: 9360
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: "612f708f-2490"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1173047
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRpviezMzg3Dd0rd7xdUpqOB2rGJJ0PQ3ILH%2F3gHrczv%2BaQO95Vj%2F1MM7BXN6vL%2F5%2FQikDntEiiJkHSU9gfYw%2FFsFZ2BeKes64Lh9cBe5HDf10qIlLHo7jTd1zhE%2FrT9afiQDJwYEAk8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718561c7d9f75cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
172.64.108.13200 OK 31 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
IP 172.64.108.13:0
File type ASCII text, with very long lines (32025), with CRLF line terminators
Hash 1f1e5fc59561cb170d09affae221e70d
e21e9f00851f45e232d916732319cec7d540a246
26ec7b4de57592fe5539c799f584d998d87dabd8e3306cf40982184e7c2c4c5a
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:42:58 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:37 GMT
etag: W/"612f708d-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1173048
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HktTvhkt%2BlMuk%2BE9cGKXxmAOMLIs%2BH90wBcRsiN9KZbfgxjeE5uOsQJuozuTjdcxp3ISvUK3j0R9O%2FGME14onmUo6tnamBchEiUfNfeO%2FP9OOZAKhvhjy3AqAzFw%2BAmaLu2JeJMAFExg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718561c7da175cc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
172.64.108.13200 OK 576 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
IP 172.64.108.13:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 18f3547b5335a975f204deab07ab753a
5cf6d0d1749a2a97986c71071e87303b16267b2b
837d0d7cee53ef4b76f755260e9ac1b5d798ecc4671c82b57a40514590170791
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:42:57 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: W/"612f708f-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1173047
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wausfJcYuRF0dXJBkwc78SppoK7888YhXUuTI78GVimA%2F5OC4A02GXqrvhrxnJFN7xIyWSBDYNJBZT93t%2FqI8SF8KdZug1gExpJx%2BjG1pS5GxMpjF7ZTtBZDvqKspUyEqhNLKueeRvC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718561c7d9d75cc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
veilsuccessfully.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=344
173.233.137.52200 OK 0 B URL HTTP/1.1 veilsuccessfully.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=344
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=344 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Cookie: u_pl=17565631; uid_id2=01d27615-e4d1-4c4a-a562-26443d03aeaf:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2c24ac8e242dd31675f9930f571685cc=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 03:42:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js
172.64.108.13200 OK 12 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js
IP 172.64.108.13:0
Hash d21e57396a265f441bcc76c55c2a33aa
7efbaf4e164f96f0f47bb8103ff2ebff8142f063
7abb79b0b4637cfe12f620051352d2561c0fee6b48ab7948f6035fffc051d616
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycoffeekiss.com
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:42:58 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:36 GMT
etag: W/"612f708c-7082"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiPVzmPGsmTmElVun9OPQtwkl6%2FCsKeDpzC2pIv8doCuCxj%2F3ZyRL6ArIbW38rdZY%2B2mA5a0amjHn9zaRwkvDOzkCny8KAt3v5Y4j7bEPjZgYC10mw1m4ol%2F2dGP3MWidjgOngAQP993"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718561cedd375cc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
veilsuccessfully.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscRRSvjqsBPw4GL0KUQXJQcGf7cz7MYcmHkWC%2BSCI5V1dV75Zb3dVUdU%2Fv7sXVoOSgMCpivPX%2BZjeLGiS5K4mzueiCkPEQ9pA9%2BA8oBOJVZnZg8UHVe1W%2F3%2BH9fu99tl7uERcl3b10Xq9Kpehc1HQbb16TGdeVbVy42vDcpnu8cU1mrfB4Y3l8md47nhs13bca7wm2pOd813Ndz%2FUaZ6QRiV6em6CQ%2Be2u1%2By6zdBvelGIZfP%2Fty0dWOqA9%2FbIEUg%2Benbxt7uQbIgsvXNa2KVC52%2B%2Fm5aKFtqgx7c%2ByJYyXWVID8rEOEiyrSkb2o4IuXkIOtuaKoDubYwVIJYj4jzyEGdb0zYR9zb3O40VRIaYv4CqN4RQQ0g6BNPXIflDAjCOCxeRpbcuaFPRlX2UjtERmXn6BLIakZnHryBLfzqp5HLjilZlIXVmsZzUkMtDyIUh8nIbxaoDWW2DFZ9A8j%2FI3NNzyNKNi1ZpSL57zPW432550awIuTcbspDO0qjlz%2FqtMAy4G1BBk4lFUg4hkyGU6INaB%2BX4SAdl4qDMHaR8t0GjbuK67SROgqATMsaCgLGo0%2BIRD8JO4qJkYw19FHkfTPXBzBpys4Yl2Ycp78Mu1rDcgS0IerxGJQgqS1BRgkoSVAVB1as3ubK%2BrW9xZcvYm2Z%2FmoN6oIuFdbqpiwWRkfV8j7w8Ns558fA9LIndhs%2F8kLKO8EOf88BrtaOk2w3cJGp7rU7EGKysIe2hicxVOSJHv%2FgXuRyRwydeQky3YdU2mDwKWr4GWg3avgu6OAg7LlazO%2BkK00kixJK0tsl0Cq5r5MUMihVnXe2RVydD7DIfgu3MP%2Fn9%2FvUj2U0wUyM3NT6UDwgW1I3BZV2Rjcu6suTuxbyQqVyl4wFfKWghZn54X6xU2vCzp23%2F%2BxNsDIzL21eFLc7RjMtswZIfT0rOhTmjDRPkl7P2mogvlXbxZGmyMj936dSZs2luhLVSZ0NQ%2BbD9NZgckefPr01W9%2FXPH0CaIUxZIy13yDQg9TZYvgab78z%2Ffeqbj5879hhWExh1wIlzB1VZD4wfH3wqOSLBd29AiZ35r258u%2Fjzo79A4xpWHNgQi517%2F%2Bzz1%2B0NLBgHtLiOLK3RMzV6qgZVfdjymUGRm535P4NJIFbOIFbG2YiVUV%2Fu22vlbiPyQtGJO23GeSwY99p%2B0Alc1%2Bc8bHeF10VhR%2BzTj379DwAA%2F%2F8BAAD%2F%2F8%2BLKV6WBAAA
173.233.137.52200 OK 7 B URL HTTP/1.1 veilsuccessfully.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscRRSvjqsBPw4GL0KUQXJQcGf7cz7MYcmHkWC%2BSCI5V1dV75Zb3dVUdU%2Fv7sXVoOSgMCpivPX%2BZjeLGiS5K4mzueiCkPEQ9pA9%2BA8oBOJVZnZg8UHVe1W%2F3%2BH9fu99tl7uERcl3b10Xq9Kpehc1HQbb16TGdeVbVy42vDcpnu8cU1mrfB4Y3l8md47nhs13bca7wm2pOd813Ndz%2FUaZ6QRiV6em6CQ%2Be2u1%2By6zdBvelGIZfP%2Fty0dWOqA9%2FbIEUg%2Benbxt7uQbIgsvXNa2KVC52%2B%2Fm5aKFtqgx7c%2ByJYyXWVID8rEOEiyrSkb2o4IuXkIOtuaKoDubYwVIJYj4jzyEGdb0zYR9zb3O40VRIaYv4CqN4RQQ0g6BNPXIflDAjCOCxeRpbcuaFPRlX2UjtERmXn6BLIakZnHryBLfzqp5HLjilZlIXVmsZzUkMtDyIUh8nIbxaoDWW2DFZ9A8j%2FI3NNzyNKNi1ZpSL57zPW432550awIuTcbspDO0qjlz%2FqtMAy4G1BBk4lFUg4hkyGU6INaB%2BX4SAdl4qDMHaR8t0GjbuK67SROgqATMsaCgLGo0%2BIRD8JO4qJkYw19FHkfTPXBzBpys4Yl2Ycp78Mu1rDcgS0IerxGJQgqS1BRgkoSVAVB1as3ubK%2BrW9xZcvYm2Z%2FmoN6oIuFdbqpiwWRkfV8j7w8Ns558fA9LIndhs%2F8kLKO8EOf88BrtaOk2w3cJGp7rU7EGKysIe2hicxVOSJHv%2FgXuRyRwydeQky3YdU2mDwKWr4GWg3avgu6OAg7LlazO%2BkK00kixJK0tsl0Cq5r5MUMihVnXe2RVydD7DIfgu3MP%2Fn9%2FvUj2U0wUyM3NT6UDwgW1I3BZV2Rjcu6suTuxbyQqVyl4wFfKWghZn54X6xU2vCzp23%2F%2BxNsDIzL21eFLc7RjMtswZIfT0rOhTmjDRPkl7P2mogvlXbxZGmyMj936dSZs2luhLVSZ0NQ%2BbD9NZgckefPr01W9%2FXPH0CaIUxZIy13yDQg9TZYvgab78z%2Ffeqbj5879hhWExh1wIlzB1VZD4wfH3wqOSLBd29AiZ35r258u%2Fjzo79A4xpWHNgQi517%2F%2Bzz1%2B0NLBgHtLiOLK3RMzV6qgZVfdjymUGRm535P4NJIFbOIFbG2YiVUV%2Fu22vlbiPyQtGJO23GeSwY99p%2B0Alc1%2Bc8bHeF10VhR%2BzTj379DwAA%2F%2F8BAAD%2F%2F8%2BLKV6WBAAA
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscRRSvjqsBPw4GL0KUQXJQcGf7cz7MYcmHkWC%2BSCI5V1dV75Zb3dVUdU%2Fv7sXVoOSgMCpivPX%2BZjeLGiS5K4mzueiCkPEQ9pA9%2BA8oBOJVZnZg8UHVe1W%2F3%2BH9fu99tl7uERcl3b10Xq9Kpehc1HQbb16TGdeVbVy42vDcpnu8cU1mrfB4Y3l8md47nhs13bca7wm2pOd813Ndz%2FUaZ6QRiV6em6CQ%2Be2u1%2By6zdBvelGIZfP%2Fty0dWOqA9%2FbIEUg%2Benbxt7uQbIgsvXNa2KVC52%2B%2Fm5aKFtqgx7c%2ByJYyXWVID8rEOEiyrSkb2o4IuXkIOtuaKoDubYwVIJYj4jzyEGdb0zYR9zb3O40VRIaYv4CqN4RQQ0g6BNPXIflDAjCOCxeRpbcuaFPRlX2UjtERmXn6BLIakZnHryBLfzqp5HLjilZlIXVmsZzUkMtDyIUh8nIbxaoDWW2DFZ9A8j%2FI3NNzyNKNi1ZpSL57zPW432550awIuTcbspDO0qjlz%2FqtMAy4G1BBk4lFUg4hkyGU6INaB%2BX4SAdl4qDMHaR8t0GjbuK67SROgqATMsaCgLGo0%2BIRD8JO4qJkYw19FHkfTPXBzBpys4Yl2Ycp78Mu1rDcgS0IerxGJQgqS1BRgkoSVAVB1as3ubK%2BrW9xZcvYm2Z%2FmoN6oIuFdbqpiwWRkfV8j7w8Ns558fA9LIndhs%2F8kLKO8EOf88BrtaOk2w3cJGp7rU7EGKysIe2hicxVOSJHv%2FgXuRyRwydeQky3YdU2mDwKWr4GWg3avgu6OAg7LlazO%2BkK00kixJK0tsl0Cq5r5MUMihVnXe2RVydD7DIfgu3MP%2Fn9%2FvUj2U0wUyM3NT6UDwgW1I3BZV2Rjcu6suTuxbyQqVyl4wFfKWghZn54X6xU2vCzp23%2F%2BxNsDIzL21eFLc7RjMtswZIfT0rOhTmjDRPkl7P2mogvlXbxZGmyMj936dSZs2luhLVSZ0NQ%2BbD9NZgckefPr01W9%2FXPH0CaIUxZIy13yDQg9TZYvgab78z%2Ffeqbj5879hhWExh1wIlzB1VZD4wfH3wqOSLBd29AiZ35r258u%2Fjzo79A4xpWHNgQi517%2F%2Bzz1%2B0NLBgHtLiOLK3RMzV6qgZVfdjymUGRm535P4NJIFbOIFbG2YiVUV%2Fu22vlbiPyQtGJO23GeSwY99p%2B0Alc1%2Bc8bHeF10VhR%2BzTj379DwAA%2F%2F8BAAD%2F%2F8%2BLKV6WBAAA HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Cookie: u_pl=17565631; uid_id2=01d27615-e4d1-4c4a-a562-26443d03aeaf:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2c24ac8e242dd31675f9930f571685cc=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 03:42:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4e556f72f0b0bff22ac988b9bb1fb797
Strict-Transport-Security: max-age=0; includeSubdomains
veilsuccessfully.com/pixel/sbs?c=1
173.233.137.52200 OK 0 B URL HTTP/1.1 veilsuccessfully.com/pixel/sbs?c=1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Cookie: u_pl=17565631; uid_id2=01d27615-e4d1-4c4a-a562-26443d03aeaf:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2c24ac8e242dd31675f9930f571685cc=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 03:42:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Wed, 29 Nov 2023 03:42:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Wed, 29 Nov 2023 03:42:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
content-encoding: br
expires: Wed, 29 Nov 2023 03:42:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.92200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.92:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:42:56 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: b540270ab50ec9a990f64018e2be8d86
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 29 Nov 2022 03:42:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P32U7gA4dzGRWDcXXHiLo1F6hnKoXgVBz0rRal0yuretaPvDaKGX9Vp8eHOYAAfDJXMtXzlXa2kGTfrS2C5zroqbFhgA1Tui2Y00j7LaaXsDTP%2B3EkvaK%2BRT0FnnAfk4VHm9UlI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77185610feb575de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
IP 172.64.108.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycoffeekiss.com
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:42:58 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-11aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyMleNfca51LO0OysN%2F3xClR978QMIYffaWuk7nIPUcGhQ821ga%2FES3ENIHxm6%2BQTpMuorgBRSrACE7Vw769hi7hVETKWQYKS7LNwDTVF96ndHxQUXtxOK71CcifnoEvEwilYU7FOwXO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718561c3d8775cc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycoffeekiss.com/
172.67.214.180200 OK 0 B IP 172.67.214.180:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: mycoffeekiss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: text/html; charset=UTF-8
link: <https://mycoffeekiss.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3W%2B3sogAYComzGjxWgoyKTbbiapW0jRmXkJM8eh8q7G9Dom1UOIQLMPPMRvh2I3cka6VOXRpvQm%2BI%2BMLDh%2BeTsLwfVG9O%2B9SAS4iS1N0CF9pHDnwaTdL0yQzev7%2BaER%2FIxq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77185608ce5e0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Wed, 29 Nov 2023 03:42:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Wed, 29 Nov 2023 03:42:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
45.133.44.4200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycoffeekiss.com
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:42:57 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 29 Nov 2022 04:42:57 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 03:42:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Wed, 29 Nov 2023 03:42:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C700%2C700i%7CRubik%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C700%2C700i%7CRubik%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Poppins%3A400%2C400i%2C700%2C700i%7CRubik%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 03:42:55 GMT
date: Tue, 29 Nov 2022 03:42:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
IP 172.64.108.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mycoffeekiss.com
Connection: keep-alive
Referer: https://mycoffeekiss.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 03:42:58 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DD4r4qc2OGXXbWYUk6HdVdeWvlVmX80LzeYEZWZvZEAj%2BljX1IzGkx1jslJIPD5Da7Jv3%2BWcUBWW6MNjs%2BlsTOqGI7KXfzJ2xwFoSN9oE60AGOsgjNFd6S8S3%2FrNqk97FmUaPCtDD%2B0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7718561c3d8575cc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2