r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3074
Expires: Fri, 11 Nov 2022 15:18:29 GMT
Date: Fri, 11 Nov 2022 14:27:15 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5078
Cache-Control: max-age=163730
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 14:27:15 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 11:56:05 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 11 Nov 2022 13:44:01 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2594
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8259
Expires: Fri, 11 Nov 2022 16:44:54 GMT
Date: Fri, 11 Nov 2022 14:27:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Z3VDFMON2e9rIpCnEjT7hfF/+ggwkoCQqTjj/sZ8F8QquklXGFMqDqVp2rHyrVq0X/qxIOJmVG4=
x-amz-request-id: RYDBV761RXD7MYJQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 11 Nov 2022 14:12:36 GMT
age: 879
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
sweets2die4.com/
301 Moved Permanently 0 B IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 11 Nov 2022 14:27:13 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Vary: Accept-Encoding,Cookie
X-Redirect-By: WordPress
Location: https://sweets2die4.com/
X-Server-Cache: true
X-Proxy-Cache: HIT
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 11 Nov 2022 14:27:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 11 Nov 2022 14:24:58 GMT
cache-control: public,max-age=3600
age: 138
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2ca04f573c26272312739970ca26ab3b
dab286019683100eb89b9b2d197fc968dd984703
6bbadbbbd7d28e6feefb48d02ab74061dc981c20bdeb779773b5bac98fedcf81
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BBADBBBD7D28E6FEEFB48D02AB74061DC981C20BDEB779773B5BAC98FEDCF81"
Last-Modified: Wed, 09 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Fri, 11 Nov 2022 20:27:14 GMT
Date: Fri, 11 Nov 2022 14:27:16 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 217
Cache-Control: max-age=153793
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 14:27:16 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 09:10:29 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T+RzfMHzeMi4DvKDTSsv0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dFc8NzMpx7sRIumtY0gqDzWKPIc=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 06d7d61a20669050493c3fd5d2b9798e
5d2d51f23582ef785072cdd0ca9ccf859b563b2d
653662665ea3298734fa313f693216a3932a64ac2903986d7415f60f97bcf27f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 14:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sweets2die4.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5
200 OK 3.0 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2997
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COvo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CShadows+Into+Light%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.8
200 OK 2.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COvo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CShadows+Into+Light%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.8
IP
Hash ab515f9ccaa4ffd2d5b05eb9ff3e1434
849e77d7a4233648c6ba3d0fccdfe008cb744cdb
dc42421119c0c4da6d06161eae3a061f6ecac085a53b318043189c32f144c4af
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COvo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CShadows+Into+Light%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.8 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 11 Nov 2022 14:27:17 GMT
date: Fri, 11 Nov 2022 14:27:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.6.2
200 OK 17 kB URL HTTP/2 sweets2die4.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.6.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (63086), with CRLF line terminators
Hash 88dfde46069b6a7699440b961add08b0
5fecf4ce9d09421c861f1ee9bb75cdcc984e1e2f
e87ca25a7d283d496e40ed1d5210dc34d000d46a33a0a43fd0fa96e20f2182e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.6.2 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Jun 2021 18:34:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17377
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.5
200 OK 613 B URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.5
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3815)
Hash ef60e2aad2e792f9f8bc48e0db8b6d32
e1cfacc71358055e9bd30c9e1d1c834a068f8bf6
078844f0d70abc35c8993085b57973d5e2f84f846274d426d27f114b322213ec
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.5 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 613
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
200 OK 3.6 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17186)
Hash 562b1fe9af03782de7b696f11e43d784
4c38e4214a286350ea6d9840767b50c163b23028
8fa5310ae9c76dae00fc4aaa446fb64d4b3117df1b21288a95e2965f09bfc275
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3638
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/elementor/css/post-84.css?ver=1598932899
200 OK 381 B URL HTTP/2 sweets2die4.com/wp-content/uploads/elementor/css/post-84.css?ver=1598932899
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1077), with no line terminators
Hash e157ac54ad8014b4a84608dd89677d70
7f704f2f8ec97e001f54ebf4b94d448b9d6db51d
5df20f2f3deddfe9d19974be25d3b7a01002558e755a4ae2314f31825d9b6ac7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-84.css?ver=1598932899 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Sep 2020 04:01:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 381
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8
200 OK 12 kB URL HTTP/2 sweets2die4.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (29677)
Hash 6539ab5ee2e6ce41ce90332ae53a59cf
9b382f6e6fcc1ad15c0cc5964be243a1eeda4418
162eefc63d682dd03fc355b58332614c5a0f701d57d7c899cc76326eaa2136f8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.7.8 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 06:36:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11763
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.6.2
409 Conflict 83 B URL HTTP/2 sweets2die4.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.6.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.6.2 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
409 Conflict 83 B URL HTTP/2 sweets2die4.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
409 Conflict 83 B URL HTTP/2 sweets2die4.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/elementor/css/post-6.css?ver=1598932904
200 OK 4.1 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/elementor/css/post-6.css?ver=1598932904
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18662), with no line terminators
Hash a4b2146d6ea77845669674d5a06a2ada
f7fa31472a1932972bbd4ddcd9833837c0de8767
45bbba68b90173a6aafbe9bd1cfbc62b03a05cdfdb64fb8acaf7de2cf1b87c82
GET /wp-content/uploads/elementor/css/post-6.css?ver=1598932904 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Sep 2020 04:01:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4063
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
200 OK 7.1 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 09b8b6cbc1b0486aa66786792e8c6984
73a077a16ce58b6b5c7169a61989f7421a913936
a8e462cb54773ddf7cd4fdc03715c0cd12a537c633c026635d5810b621246db6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7112
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-includes/js/wp-embed.min.js?ver=5.7.8
200 OK 777 B URL HTTP/2 sweets2die4.com/wp-includes/js/wp-embed.min.js?ver=5.7.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391)
Hash 06ece4d01ee88297957c9f4cdcaa4df5
2b3321654a8ead1e1493eac9b5f1fdfb65e2037f
0b17eb6ab02e69f50ac52ca157375bd69853ae4f4796eb48a35eb4a12fc7af8b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.7.8 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 07:35:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 777
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5
200 OK 2.2 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4730)
Hash 303cb1a698995b58074fd786e4fceea9
a66389f231217eb2f37a3784f7e65df07c863ffe
793f7c90c8a1facc8aa69ca25bea5ff251df72e25f8bdf0985361b2c4437b22b
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2186
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
200 OK 3.7 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-includes/js/underscore.min.js?ver=1.8.3
200 OK 6.4 kB URL HTTP/2 sweets2die4.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16010)
Hash 96bea734708712077251c5329641f1c6
5a37dc74b5532c8905fd02a17771199e78d1d880
a1e8bb45168c7805dd39f1e2fdecda8f10e30132f9d935841c063281be341e4a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 06:36:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6378
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.0.6
200 OK 13 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.0.6
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (38455)
Hash 8fcc0f7aec609f926aec754cae6b59c7
65ae99bd26657f69de4830228572f82e3f799558
54ef4466faada264c7b8b6537e1366089626919de99c5ea26122c5d947424e39
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.0.6 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 15:15:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13132
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/2019/05/linklogo1-189x22.png
200 OK 9.3 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/2019/05/linklogo1-189x22.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 189 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 0378023e80d3ad9698f73b2c8dc6f84e
cbacb57a344c21cbc15658c1015673c4c77d119d
59e32de5e43001793124de4156e16e4ef6d2b26d6931f4724d84de8df083b9e0
GET /wp-content/uploads/2019/05/linklogo1-189x22.png HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 22:21:32 GMT
accept-ranges: bytes
content-length: 9289
content-type: image/png
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.6.7.3
200 OK 374 B URL HTTP/2 sweets2die4.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.6.7.3
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.6.7.3 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Jul 2021 18:42:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 374
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/
200 OK 29 kB IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17546), with CRLF, LF line terminators
Hash 04317cadf87b35c6b7f209756291ca0a
f351a2b3934c321957155a270f103031ffd8acab
e456b212a905de5ab4172d94087ec5c60144d6a9534145949565b67f39aef930
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 11 Nov 2022 14:27:16 GMT
server: Apache
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,Cookie
link: <https://sweets2die4.com/index.php/wp-json/>; rel="https://api.w.org/", <https://sweets2die4.com/index.php/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://sweets2die4.com/>; rel=shortlink
content-encoding: gzip
x-server-cache: true
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/pum/pum-site-styles.css?generated=1616354780&ver=1.16.1
200 OK 5.0 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/pum/pum-site-styles.css?generated=1616354780&ver=1.16.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7400), with CRLF, LF line terminators
Hash 5b241f9e974dcab785b71c79020b5597
ca162bfc70bb3d59f7928345510850acb613a9d6
a787970b17b18b1c4c78825b34e6ca7097305016cb336baaa9b8ad2fc944b65d
GET /wp-content/uploads/pum/pum-site-styles.css?generated=1616354780&ver=1.16.1 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Mar 2021 19:26:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5049
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.6.2
200 OK 3.6 kB URL HTTP/2 sweets2die4.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.6.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10457), with no line terminators
Hash a9d52df1dfc9264dc466f142126b03c7
4932b5e079e51913d15218307106e48f9f018f95
35198e81610128d1549a6741bb05a055879ac31d3ff5a25aeb722f899d34c0d4
GET /wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.6.2 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Jun 2021 18:34:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3614
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/themes/astra/assets/css/minified/galleries.min.css?ver=3.6.2
200 OK 376 B URL HTTP/2 sweets2die4.com/wp-content/themes/astra/assets/css/minified/galleries.min.css?ver=3.6.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (993), with no line terminators
Hash c00be1753b0468509e60711ba7d66ccf
34e36ed522cbf0f01c470fc06089b1b394f49a0a
6b3e9add86573e2937ebf79a0de1e23e39503cac0ad8db440f8fac7ed3d5fbe8
GET /wp-content/themes/astra/assets/css/minified/galleries.min.css?ver=3.6.2 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Jun 2021 18:34:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 376
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-includes/js/wp-util.min.js?ver=5.7.8
200 OK 591 B URL HTTP/2 sweets2die4.com/wp-includes/js/wp-util.min.js?ver=5.7.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1042)
Hash 9875c15a68630290d320fa21f40acca4
f63ea6aaa76e246fcf9b23a4dbf3a44511ecff8f
2e4ddc4e0ad92fafcb268e92cc465048f0696c548b313def8fc91eeae8e2293f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-util.min.js?ver=5.7.8 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 07:35:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 591
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5
200 OK 1.2 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2577)
Hash 159281ac01a46f042b38d0d44cf3eb7a
54677be6b1cf85899d2ab1a6fada531ca5613d29
0738d3f931e8df2b67f3be1ec216b103560266c56cc38fdafae055bcb807ffea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1151
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.6 kB URL HTTP/2 sweets2die4.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 07:07:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor-pro/assets/lib/sticky-kit/jquery.sticky-kit.min.js?ver=1.1.2
200 OK 1.3 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor-pro/assets/lib/sticky-kit/jquery.sticky-kit.min.js?ver=1.1.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2746)
Hash 2c0e5da8ecfa08c438cebabd3554beb3
04c9831ca5c6742ca77ef833771662b7b0e4cfa8
f48981d2229b58c1438dd1ea3cc85a8ef6b8220e30d58287a3823a68a678892e
GET /wp-content/plugins/elementor-pro/assets/lib/sticky-kit/jquery.sticky-kit.min.js?ver=1.1.2 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 15:15:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1320
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
200 OK 4.3 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10725)
Hash 253da788125c58bc387c3db6cc404bad
6b90ddf84c234155eae1487d2f950ea079c2382c
12055a1176f887f9be83e2637de50ca41173101397cd42431d7c8df3e2757d6d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4275
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8
200 OK 4.9 kB URL HTTP/2 sweets2die4.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11272)
Hash 365a77ff4ecd6f029c81de14e2522c73
2a817a1e1091bdf10e562b746e7e9619ed5ef5d5
a46d0e1f9b302519b11da0266586429a4d6eaf6fb2914c29f0e9208f7d2eb355
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.7.8 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 07:35:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4942
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/elementor/thumbs/Frazil-o861z3ncct47igi0km3bzmmaf0buld1ph350bult20.png
200 OK 279 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/elementor/thumbs/Frazil-o861z3ncct47igi0km3bzmmaf0buld1ph350bult20.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 470 x 380, 8-bit/color RGBA, non-interlaced\012- data
Size 279 kB (278840 bytes)
Hash 74a5f2cc24eaa063f2a8e782ed705bd1
d9ce85fe5691145f30ea5939c3965eb482480998
b7913aa574a8325ade6ca3a8f091cea44523a04d0eacb7ecda940f450607ce6e
GET /wp-content/uploads/elementor/thumbs/Frazil-o861z3ncct47igi0km3bzmmaf0buld1ph350bult20.png HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 22:09:41 GMT
accept-ranges: bytes
content-length: 278840
content-type: image/png
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5
200 OK 23 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 855be81630770dd4552e42f7faa7ccf7
1d8ba893d49a0f064aa618fe354e35e41006f79f
87d23e53f75821fd3ee7e2750064f1d899cb5955e6df15b9cfd4e1dc5dcf1cb6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8137
Expires: Fri, 11 Nov 2022 16:42:55 GMT
Date: Fri, 11 Nov 2022 14:27:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e72f32944d6f03e005f7b6f3e87d8c72
5fe340bf33ac219f6a3d44810f31d0a8796c83a9
bcdcba30210d276996d0fe749bbfc69d666ae11ddfbfdb57307e4bb4d6e43d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10671
x-amzn-requestid: 1b6053eb-64ac-4c24-a750-c1b8cd69157f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJEh8GxPoAMFhPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366b472-56c6a3bc07ec89ab56d4f3bd;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 19:07:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qJeWGvC4DM_d3k66OHN2V19elou-xoSNkep1BNalBO0NtKyQtAFzNQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 03:31:46 GMT
age: 39332
etag: "5fe340bf33ac219f6a3d44810f31d0a8796c83a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8137
Expires: Fri, 11 Nov 2022 16:42:55 GMT
Date: Fri, 11 Nov 2022 14:27:18 GMT
Connection: keep-alive
sweets2die4.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5
200 OK 36 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash b367b9f007a22602eb7fc539e0dc9bf5
b58b7eb0ae0f6094fe40540c36239d3b685beacd
d1658af4561f92c5272b661a5ced64657aec8b047398ffbe220c15a00f60b897
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f29164fb4dd64d9ce60566fbebd40f0a
96de8f2627e1103c5e6beb5d64cdbc09f97fce82
8eba6095edfed1ee1402c050727f81b8a9942625fd1c9cbb3bac4e51ee178577
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c9847f2-3b5e-4950-9792-a512af36da58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6517
x-amzn-requestid: 7884aa37-c94f-49d4-b6a4-c6bd66026d2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apxD3EeYIAMFYAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2ee5-337e8e0949f5020713fcab58;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:10:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kXRfJbLr7ErTvJIW0rjpcqxHA0zvN6XOPrszlIzXBgaJkJGWzkoyGw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 22:00:02 GMT
age: 59236
etag: "96de8f2627e1103c5e6beb5d64cdbc09f97fce82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5
200 OK 32 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 9b821ed8b70d9b4483a3973b6142b092
06c27c42f01dc49d856f2f945caf3ce895e6090a
2c7ab88fa54f44d49af528f35227017d27683d61da0e3d910b25842271191a52
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 05bb9af901ca5b651e88fcbe236711f5
18412da7fc2d868fc74bc3e7c44b4add4bbbdef9
9b87e90e4f5356da47fd562f7d06c8fbdef90d011e8c20e5687afbeaf6e7d29b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 14:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13f7b6eea163326da8c58ae5c09efccd
e0d1ebb35a16c686eae3d31eb85ac72278459b05
13f2f428acb7806808d957a8167ab2c139a5d0f59798671465717f2b39b914a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8581
x-amzn-requestid: 385174fe-153f-448f-be5e-9ea3b5757ff9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u1EYOIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-6084a34f58df22037275e676;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MhIq0Vdxah99pPo_O7gkhrq9Nekkxld2lv0955wr0yJzcP3g6LAH8g==
via: 1.1 dfc972676b24a6d23251d4f298dfa08c.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:56 GMT
age: 60022
etag: "e0d1ebb35a16c686eae3d31eb85ac72278459b05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5530631-4859-4685-8ab3-a5b1013cd2cb.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5530631-4859-4685-8ab3-a5b1013cd2cb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ae1fe42d639643009ccee5a7ef770fd
d43bb27911013930ed09d9609a71d737e0838556
d5fc8515f49a0b90e083f6a6025c3dc71dba286e15d5b3f841772d60d2e68fb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5530631-4859-4685-8ab3-a5b1013cd2cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11527
x-amzn-requestid: a2a00c3d-12f7-412b-ba02-6bda7aa60586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNfYZHXhIAMFVYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687902-593d2a380bac7a567af893d3;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:18:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: J8-Ix4bZI7Yiu83xhD8WF8T4bdp2kX9s_xgpBLEuufdTtHWx_TKYcw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 04:50:48 GMT
age: 34590
etag: "d43bb27911013930ed09d9609a71d737e0838556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 14:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 14:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweets2die4.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 154390
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 14:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.google.com/maps?q=park%20city&t=m&z=10&output=embed&iwloc=near
301 Moved Permanently 278 B URL HTTP/2 maps.google.com/maps?q=park%20city&t=m&z=10&output=embed&iwloc=near
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 0798280a1ba8905de240812d1ba3efe1
9680d54130ac1bec414fd61f129ef021bd0da7b6
2597f34730e21339e19a6543172b3c685dc15a7854fc6f4708c3eb609d38d623
GET /maps?q=park%20city&t=m&z=10&output=embed&iwloc=near HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 11 Nov 2022 14:27:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1spark+city!5e0!6i10
content-type: text/html; charset=UTF-8
server: mafe
content-length: 278
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 14:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Xw5aXo.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Xw5aXo.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 11624, version 1.0\012- data
Hash a99537333644b3005a7072ba4e848f7f
f23c996b9bb480b4cf8b5ed6943134559c3e96e1
aec18d7924d58cd7ad9f3e0437c1b1b9bbc2ef7479e379b9666015c38aac6967
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Xw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweets2die4.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11624
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 03:27:25 GMT
expires: Tue, 07 Nov 2023 03:27:25 GMT
cache-control: public, max-age=31536000
age: 385193
last-modified: Mon, 11 Jul 2022 18:58:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/shadowsintolight/v15/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/shadowsintolight/v15/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16296, version 1.0\012- data
Hash ab4a2c11e0a08a8b4fa7846c2adcc173
86304ab63791be3a22e5eb673245bca6351774a2
2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac
GET /s/shadowsintolight/v15/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweets2die4.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16296
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:50:31 GMT
expires: Thu, 09 Nov 2023 19:50:31 GMT
cache-control: public, max-age=31536000
age: 153407
last-modified: Wed, 27 Apr 2022 15:55:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ovo/v17/yYLl0h7WyfzTzI44.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/ovo/v17/yYLl0h7WyfzTzI44.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15908, version 1.0\012- data
Hash 0051b92e8f10572b82f553163d74332c
61cd2fd6e7290f54a4ba42093d5293df04a54729
f15f985cf4288b6c8756d9c950c1c2f16f0f291035396c6ce463d153463640d7
GET /s/ovo/v17/yYLl0h7WyfzTzI44.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweets2die4.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 22:13:10 GMT
expires: Thu, 09 Nov 2023 22:13:10 GMT
cache-control: public, max-age=31536000
age: 144848
last-modified: Mon, 09 May 2022 18:39:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sweets2die4.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 156809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sweets2die4.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
content-length: 77160
content-type: font/woff2
date: Fri, 11 Nov 2022 14:27:18 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 14:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 05bb9af901ca5b651e88fcbe236711f5
18412da7fc2d868fc74bc3e7c44b4add4bbbdef9
9b87e90e4f5356da47fd562f7d06c8fbdef90d011e8c20e5687afbeaf6e7d29b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 14:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a7d7a5379a732fc5eadab78de886cc31
6df8c63644e97bf57262415f24e270c718e1758b
c355159cc937a19485f62cc446530f319749237e147adbb2c5784d1d2c20ed64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 14:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sweets2die4.com/wp-content/uploads/2019/05/IMG_1558-150x150.jpg
200 OK 13 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/2019/05/IMG_1558-150x150.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=Apple, model=iPhone 8 Plus, orientation=upper-left, xresolution=142, yresolution=150, resolutionunit=2, software=12.1.4, datetime=2019:03:05 12:37:16], baseline, precision 8, 150x150, components 3\012- data
Hash 79114b907d498ff0cc89a9a430ea417d
f1942ddd5bc35693553a559d581acc6113ab31d3
a2ddc87edda4e81f1a8916c88d8451f25f8f9b90832de580d2e2fc76ebb26762
GET /wp-content/uploads/2019/05/IMG_1558-150x150.jpg HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 15:51:40 GMT
accept-ranges: bytes
content-length: 13063
content-type: image/jpeg
date: Fri, 11 Nov 2022 14:27:18 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/2019/05/IMG_1559-150x150.jpg
200 OK 10 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/2019/05/IMG_1559-150x150.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=Apple, model=iPhone 8 Plus, orientation=upper-right, xresolution=142, yresolution=150, resolutionunit=2, software=12.1.4, datetime=2019:03:05 13:00:47], baseline, precision 8, 150x150, components 3\012- data
Hash 8aceb1bd06f035f1a4a08177227de377
de81f660d59736b5ffe036a1cdb1d0e6b7b83c54
6ce2f40741c5632ca6d4f1b819a09af627e12df4b0338e491162b1d545e70266
GET /wp-content/uploads/2019/05/IMG_1559-150x150.jpg HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 15:51:45 GMT
accept-ranges: bytes
content-length: 9961
content-type: image/jpeg
date: Fri, 11 Nov 2022 14:27:18 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/2019/05/IMG_1594-150x150.jpg
200 OK 12 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/2019/05/IMG_1594-150x150.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=Apple, model=iPhone 8 Plus, orientation=upper-left, xresolution=142, yresolution=150, resolutionunit=2, software=12.1.4, datetime=2019:03:15 19:02:39], baseline, precision 8, 150x150, components 3\012- data
Hash 249e8cb415197d4ea1d3404f1a9deb5b
905e1c90e98002a8d7894e72b76bb3a9aceaacce
f4bae70157809e9de46f0cc2bcd765758612cd03bfa7407f994d46623e4fd506
GET /wp-content/uploads/2019/05/IMG_1594-150x150.jpg HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 15:51:49 GMT
accept-ranges: bytes
content-length: 11746
content-type: image/jpeg
date: Fri, 11 Nov 2022 14:27:18 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/2019/05/IMG_1921-150x150.jpg
200 OK 42 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/2019/05/IMG_1921-150x150.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=Apple, model=iPhone 8 Plus, orientation=upper-left, xresolution=142, yresolution=150, resolutionunit=2, software=12.2, datetime=2019:05:10 21:02:07], baseline, precision 8, 150x150, components 3\012- data
Hash 1571c22ee9a08e44233e0218a9467ef0
c76b27b4eb852c1fad37ed0dbfe1980281ce112f
eb3c7ba3efe175ce619eb9ce75f9057e3eee81e3f8773e98a7ac746a426a31fd
GET /wp-content/uploads/2019/05/IMG_1921-150x150.jpg HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 15:51:53 GMT
accept-ranges: bytes
content-length: 41494
content-type: image/jpeg
date: Fri, 11 Nov 2022 14:27:18 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/2019/05/Logo1.png
200 OK 83 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/2019/05/Logo1.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 780 x 353, 8-bit/color RGBA, non-interlaced\012- data
Hash ae5acba4c3f5f611ea79359e132eac7c
ca22d6754b1016a6bedc66c84ebfee845ad2f91f
aa6d68351a463cdb9fc2c5584e03a2f16a0c1c623144f33518b6eb5cff74e458
GET /wp-content/uploads/2019/05/Logo1.png HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 15:28:35 GMT
accept-ranges: bytes
content-length: 82856
content-type: image/png
date: Fri, 11 Nov 2022 14:27:18 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/2019/05/IMG_1922-150x150.jpg
200 OK 42 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/2019/05/IMG_1922-150x150.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=Apple, model=iPhone 8 Plus, orientation=upper-right, xresolution=142, yresolution=150, resolutionunit=2, software=12.2, datetime=2019:05:10 21:23:07], baseline, precision 8, 150x150, components 3\012- data
Hash e415a001ffdf8c8f56ef3df36eab0cb8
e6082b474afc74a89662dcd802c4bc21a8cd3433
e22a7eb3b54930091db9f40648dbb9e0040b50cb1a0b16f1ae2ce9ea7b869a98
GET /wp-content/uploads/2019/05/IMG_1922-150x150.jpg HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 15:51:56 GMT
accept-ranges: bytes
content-length: 41928
content-type: image/jpeg
date: Fri, 11 Nov 2022 14:27:18 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
409 Conflict 83 B URL HTTP/2 sweets2die4.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 11 Nov 2022 14:27:18 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1spark+city!5e0!6i10
200 OK 961 B URL HTTP/2 www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1spark+city!5e0!6i10
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1565)
Hash 4d98cb9e71a9f2550472b0333050ad4d
f556e4eab26d689ee4aa9955bbeaa05002292595
e5675c5cff1943c19e222137c928562760e5610eff2bc0d88616027edd5679cc
GET /maps/embed?origin=mfe&pb=!1m4!2m1!1spark+city!5e0!6i10 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sweets2die4.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 11 Nov 2022 14:27:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-WuCWhc9_ugP_tea15oQNHw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 961
x-xss-protection: 0
server-timing: gfet4t7; dur=321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/50/12a/init_embed.js
200 OK 68 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/12a/init_embed.js
IP
File type ASCII text, with very long lines (2669)
Hash 33fed333a55580b5c13fb891bf0e0343
7566dff90bb8035abcced956615eadbc6ebcf4a9
70386264b35cd6ef3b68f7e6c568197388d1140bb4e8e2cdd6d44fdfb0c00a2a
GET /maps-api-v3/embed/js/50/12a/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 18:26:33 GMT
expires: Tue, 07 Nov 2023 18:26:33 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 04 Nov 2022 20:13:38 GMT
content-type: text/javascript
age: 331245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/2019/05/foodiesfeed.com_meanwhile-in-the-kitchen-1.jpg
200 OK 155 kB URL HTTP/1.1 sweets2die4.com/wp-content/uploads/2019/05/foodiesfeed.com_meanwhile-in-the-kitchen-1.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x686, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 28032-0, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset -0.000000, slope 42.010262\012- data
Size 155 kB (155159 bytes)
Hash 96044fa15f7f27ead5f979afd30df3be
cb7878206d3dd9c7556c3b4493bc6270d10000bb
6bcaa33bf978c48fddec64783a9ab3ad47ac7d9939d71aae14fd216b4dbac423
GET /wp-content/uploads/2019/05/foodiesfeed.com_meanwhile-in-the-kitchen-1.jpg HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 14:27:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 21 May 2019 15:21:32 GMT
Accept-Ranges: bytes
Content-Length: 155159
Content-Type: image/jpeg
sweets2die4.com/wp-content/uploads/2019/05/cropped-Logo1-32x32.png
200 OK 3.0 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/2019/05/cropped-Logo1-32x32.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1de08b345f9e78e6cca0840766c7d2f3
32cebe7b702991ea2f8e726a2beb3e848e26df8e
99f83a8f7314502685848fee37c69827095feb0828359b716a7069e1e753c538
GET /wp-content/uploads/2019/05/cropped-Logo1-32x32.png HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 15:37:21 GMT
accept-ranges: bytes
content-length: 2957
content-type: image/png
date: Fri, 11 Nov 2022 14:27:18 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/2019/05/cropped-Logo1-192x192.png
200 OK 36 kB URL HTTP/2 sweets2die4.com/wp-content/uploads/2019/05/cropped-Logo1-192x192.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 859793d1593444da2f6d0d9ba282942c
077571fd029a7e6db8c76eb02a855bc7b24204a4
d6daededc2a1ffd7dd6cacd9e3c1e20d9b1d40808f4167d044f44aa119251d1d
GET /wp-content/uploads/2019/05/cropped-Logo1-192x192.png HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 15:37:21 GMT
accept-ranges: bytes
content-length: 35979
content-type: image/png
date: Fri, 11 Nov 2022 14:27:18 GMT
server: Apache
X-Firefox-Spdy: h2
khms0.googleapis.com/kh?v=932&hl=en-US&x=24&y=48&z=7
200 OK 18 kB URL HTTP/2 khms0.googleapis.com/kh?v=932&hl=en-US&x=24&y=48&z=7
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 1eae7316c4719cf32a0a7778e9a8baed
6a8219bf89323f6128f014877668a3667ccc0d17
8b4b91d21c54ac7602db94cfa6913a0cec6e74505454b1a82f7f8e33f5c18d87
GET /kh?v=932&hl=en-US&x=24&y=48&z=7 HTTP/1.1
Host: khms0.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
x-content-type-options: nosniff
date: Fri, 11 Nov 2022 14:27:19 GMT
expires: Sat, 11 Nov 2023 14:27:19 GMT
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 17960
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/2019/05/IMG_1502.png
200 OK 1.2 MB URL HTTP/1.1 sweets2die4.com/wp-content/uploads/2019/05/IMG_1502.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1646 x 826, 8-bit/color RGBA, non-interlaced\012- data
Size 1.2 MB (1157079 bytes)
Hash d221d32e50d08238f0c8f5b920856892
0bfa1522e1fd692308cd2d3e05a48a6d7f76196c
8f3b7087ae7f69ba09ca8f1027319836a13dc77488f4ea028bb512cf63262367
GET /wp-content/uploads/2019/05/IMG_1502.png HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 14:27:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 21 May 2019 15:22:52 GMT
Accept-Ranges: bytes
Content-Length: 1157079
Content-Type: image/png
sweets2die4.com/wp-content/uploads/2019/05/IMG_1594.jpg
200 OK 852 kB URL HTTP/1.1 sweets2die4.com/wp-content/uploads/2019/05/IMG_1594.jpg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, manufacturer=Apple, model=iPhone 8 Plus, orientation=upper-left, xresolution=142, yresolution=150, resolutionunit=2, software=12.1.4, datetime=2019:03:15 19:02:39], baseline, precision 8, 2016x1512, components 3\012- data
Size 852 kB (851906 bytes)
Hash e04e41041389618e1c0a23777e8a9c66
4ceb7286b8dbe66b5d7644803c7b15b35a1067b1
e37593d53efc9bf190e389aab1c861aa9289e51080990b8516b50aafdb608127
GET /wp-content/uploads/2019/05/IMG_1594.jpg HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 14:27:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 21 May 2019 15:51:49 GMT
Accept-Ranges: bytes
Content-Length: 851906
Content-Type: image/jpeg
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type gzip compressed data, max compression\012- data
Hash 2853325373e1c020f4defa29faf36e77
ebeb0f817eb4b20f8730fbd68b922d50744ca982
733602161913dbe8187e7b17d111400018ee91d756fede5e16eb881973513fc5
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 173988
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.0.6
200 OK 0 B URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.0.6
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.0.6 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 May 2019 15:15:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1616354780&ver=1.16.1
200 OK 0 B URL HTTP/2 sweets2die4.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1616354780&ver=1.16.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1616354780&ver=1.16.1 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 21 Mar 2021 19:26:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5
200 OK 0 B URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
200 OK 0 B URL HTTP/2 sweets2die4.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 12 Aug 2020 01:54:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
200 OK 0 B URL HTTP/2 sweets2die4.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Jun 2021 18:35:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
sweets2die4.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
200 OK 0 B URL HTTP/2 sweets2die4.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: sweets2die4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweets2die4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 07:07:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 11 Nov 2022 14:27:17 GMT
server: Apache
X-Firefox-Spdy: h2
192.254.235.112
23.36.77.32
93.184.220.29
0.0.0.0