r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7064
Expires: Wed, 07 Dec 2022 06:02:29 GMT
Date: Wed, 07 Dec 2022 04:04:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3166
Cache-Control: max-age=112759
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:04:45 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:24:04 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7066
Expires: Wed, 07 Dec 2022 06:02:31 GMT
Date: Wed, 07 Dec 2022 04:04:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 03:20:27 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2658
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xCMx3zqjdrnqe1pIv1SrdifKS40ehtlCt5CEglhEkvcgcOIwAlwyjRs+CxR3VbYIbZPGvaUPMfE=
x-amz-request-id: 63MKCWXCNKKS97Y4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 03:49:13 GMT
age: 932
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 04:04:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 03:11:20 GMT
cache-control: public,max-age=3600
age: 3205
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3150
Cache-Control: max-age=107675
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 04:04:45 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:59:20 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
gsites14.com/
85.159.208.243200 OK 20 kB IP 85.159.208.243:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26995), with CRLF, LF line terminators
Hash 809cece4a573422e576bf2f16209e180
c9ca3891e91e202aac93d41b72ac0ade20623d73
97706ea27b464080cae6ca37ee4d991485fef44731a89c544ba6a1f8bc425985
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-UA-Compatible: IE=edge
Link: <http://gsites14.com/wp-json/>; rel="https://api.w.org/", <http://gsites14.com/wp-json/wp/v2/pages/1015>; rel="alternate"; type="application/json", <http://gsites14.com/>; rel=shortlink
Content-Encoding: gzip
gsites14.com/wp-includes/css/dist/block-library/style.min.css
85.159.208.243200 OK 7.9 kB URL HTTP/1.1 gsites14.com/wp-includes/css/dist/block-library/style.min.css
IP 85.159.208.243:0
File type ASCII text, with very long lines (27100)
Hash 646b70aec2e0818a38d33af2802f6a1c
98d50275b179a513e86e4a14e5724d5311829274
279417c1c480d0a48bce59f96cfb542d48486928836acc3f5dd11c0662e9576e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: text/css
Last-Modified: Tue, 20 Oct 2020 09:12:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f8ea9ef-d293"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-includes/css/dist/block-library/theme.min.css
85.159.208.243200 OK 729 B URL HTTP/1.1 gsites14.com/wp-includes/css/dist/block-library/theme.min.css
IP 85.159.208.243:0
File type ASCII text, with very long lines (2218), with no line terminators
Hash 1c594ff3d841fb2905c8d41ac7a1e453
5f96285b7a75449dc5d32bdfc44ed15997a16b1f
7c1f38e4bf49405241edc00e50cdb4d0609b162b31c9cc0cbb1ebd74ebb5367a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dist/block-library/theme.min.css HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: text/css
Last-Modified: Tue, 20 Oct 2020 09:12:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f8ea9ef-8aa"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css
85.159.208.243200 OK 1.1 kB URL HTTP/1.1 gsites14.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css
IP 85.159.208.243:0
File type ASCII text, with very long lines (3276), with no line terminators
Hash 5603ecd4345c0ac769bbead670d09243
16677c2ca4296e8b9ff6165e95e5ac868abec3bd
d20a08f62d6e99014c102bbaf24f13b4dbde4309ae99c71e5c0e30e6ba64b664
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: text/css
Last-Modified: Fri, 11 Mar 2022 01:04:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622aa010-ccc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
push.services.mozilla.com/
35.164.186.39101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.186.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dlpaoUjIjc42rclTsGvN+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: w4bOIf510EVabZzp/NFPQCeAZrI=
gsites14.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css
85.159.208.243200 OK 19 kB URL HTTP/1.1 gsites14.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css
IP 85.159.208.243:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash d75eaa3566059261fe447c2ade61993a
8263b73340d7365ea25ebe7abc8d1fff6ab50699
3d0dc2a3b86ff680e4bf9ffbe2fb5adf9fb03b378facddc8db2d500d2d7c77d7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: text/css
Last-Modified: Fri, 11 Mar 2022 01:04:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622aa010-2c44d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/themes/jannah/assets/css/woocommerce.css
85.159.208.243200 OK 11 kB URL HTTP/1.1 gsites14.com/wp-content/themes/jannah/assets/css/woocommerce.css
IP 85.159.208.243:0
Hash 4621d4d3532d39ccb2c51b01c96e0014
a0777ae31bfa4db3e59ef4e38fe91a167fe6da96
c85edfefe37808c83fd761b296c8d5051bbb35933565e7e1b91f1891069abf99
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/jannah/assets/css/woocommerce.css HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: text/css
Last-Modified: Mon, 17 Jun 2019 09:01:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d0756ef-12089"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-includes/js/jquery/jquery.js
85.159.208.243200 OK 34 kB URL HTTP/1.1 gsites14.com/wp-includes/js/jquery/jquery.js
IP 85.159.208.243:0
File type ASCII text, with very long lines (31997)
Hash a5798cf6edb87e2f64df51a38eceef6a
a96934773339f6f36a5b37c5d6903ad95c062dca
d65dc5e8cea9e4daea184d6de7d896eb23d08f04b3bc20fb9b35b237e93ec6ce
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Sep 2019 13:11:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d710994-17a69"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/plugins/cookie-notice/js/front.min.js
85.159.208.243200 OK 2.2 kB URL HTTP/1.1 gsites14.com/wp-content/plugins/cookie-notice/js/front.min.js
IP 85.159.208.243:0
File type ASCII text, with very long lines (9332), with no line terminators
Hash 250d524631ec0457715109690f97ac7f
20a2e6f29f3fb48779543ad0a8570fbc58466018
285a50b095f609db7504faf3d478179e278ae881319c6e19543b96cff3a271df
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/cookie-notice/js/front.min.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Tue, 20 Oct 2020 09:12:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f8eaa0a-2474"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
85.159.208.243200 OK 3.5 kB URL HTTP/1.1 gsites14.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
IP 85.159.208.243:0
File type ASCII text, with very long lines (9151)
Hash c64b3652b53918761c8b0d96491a486c
0561f3f180184980208fef24e98ee26c7d1214f4
eca3c4c3a295fb5f79c6e412db9d8ecbd59edcdb1b8585b523114cfbb78e5274
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Mar 2022 01:04:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622aa012-2549"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-includes/js/wp-emoji-release.min.js
85.159.208.243200 OK 4.7 kB URL HTTP/1.1 gsites14.com/wp-includes/js/wp-emoji-release.min.js
IP 85.159.208.243:0
File type ASCII text, with very long lines (11272)
Hash 80712bcce465dea429e6ff1e5c35bbc1
daff29755ee729dbeb0d30c93570f1fc9b673972
f444c094422ff2d56c4f52a022881e68e1f07d567e0fb3969f80259452995f8f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Thu, 15 Apr 2021 13:04:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"607839f4-3795"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/themes/jannah/assets/css/ilightbox/dark-skin/skin.css
85.159.208.243200 OK 1.3 kB URL HTTP/1.1 gsites14.com/wp-content/themes/jannah/assets/css/ilightbox/dark-skin/skin.css
IP 85.159.208.243:0
File type ASCII text, with CRLF line terminators
Hash e2e5789eacefad1d709ad9b13a854e08
3183250c86331a22e1fc1933919f5b8394040e51
f643c70b6045e8131d2b19adbd5e8977b100e0a686b31dbd8f45e466800b5414
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/jannah/assets/css/ilightbox/dark-skin/skin.css HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: text/css
Last-Modified: Mon, 17 Jun 2019 09:01:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d0756ef-1c79"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
85.159.208.243200 OK 3.9 kB URL HTTP/1.1 gsites14.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
IP 85.159.208.243:0
Hash 2288a290e851a033dde3e8d4a46b7fd6
a4bc6be80ef80cc441b780c467befa5413cf22fd
48d7cf63f55ec9a080e3e1ec9f4755450a9629a1f209f2b553aebb9ebaf5438b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Tue, 20 Oct 2020 09:12:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f8eaa0a-3719"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/themes/jannah/assets/css/style.css
85.159.208.243200 OK 69 kB URL HTTP/1.1 gsites14.com/wp-content/themes/jannah/assets/css/style.css
IP 85.159.208.243:0
File type ASCII text, with CRLF, LF line terminators
Hash 9828453fb93eeff40dea71d7d71400e6
1c416c1ddeec6fd3de09ebc3e242da9a6f7e9b5d
f27af8bb49d6000cac9d9f0dec7b5e9a123f1d2d9382aa2657971a1a285b8fb4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/jannah/assets/css/style.css HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: text/css
Last-Modified: Mon, 17 Jun 2019 09:01:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d0756ef-69c31"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js
85.159.208.243200 OK 982 B URL HTTP/1.1 gsites14.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js
IP 85.159.208.243:0
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Mar 2022 01:04:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622aa013-72a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js
85.159.208.243200 OK 794 B URL HTTP/1.1 gsites14.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js
IP 85.159.208.243:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Mar 2022 01:04:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622aa012-85b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
85.159.208.243200 OK 1.0 kB URL HTTP/1.1 gsites14.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
IP 85.159.208.243:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash a16f467232a27bf9b62353174b52650c
0e27aaae6aaec510ba39751843af4b17ea0ec3a7
40b0815db13d339634fd2cd734fc77eb38ef59bad547d319b9ca4262273ca8eb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Mar 2022 01:04:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622aa012-b7a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js
85.159.208.243200 OK 1.1 kB URL HTTP/1.1 gsites14.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js
IP 85.159.208.243:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash f46e666160800ab91bb12cccc7555662
63b98922823c1f54ed1a96e1dcd0c227e3e51419
f5cc9892eb6b336791126838b53edfe9dc4b12b99aae085cadf52d8e734f5c68
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Mar 2022 01:04:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"622aa012-bdd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-includes/js/wp-embed.min.js
85.159.208.243200 OK 765 B URL HTTP/1.1 gsites14.com/wp-includes/js/wp-embed.min.js
IP 85.159.208.243:0
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Thu, 15 Apr 2021 13:04:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"607839f4-592"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/plugins/cookie-notice/css/front.min.css
85.159.208.243200 OK 1.1 kB URL HTTP/1.1 gsites14.com/wp-content/plugins/cookie-notice/css/front.min.css
IP 85.159.208.243:0
File type ASCII text, with very long lines (5461), with no line terminators
Hash e1de9945756a628b86549fa277c65157
dc6cb7d7aeba32cc6a4b1450dffca914b77c901c
5e30e3d62543123e12d941fd961a618a83d354e1d0fc47f21253638195117930
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/cookie-notice/css/front.min.css HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: text/css
Last-Modified: Tue, 20 Oct 2020 09:12:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f8eaa0a-1555"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/themes/jannah/assets/js/sliders.js
85.159.208.243200 OK 17 kB URL HTTP/1.1 gsites14.com/wp-content/themes/jannah/assets/js/sliders.js
IP 85.159.208.243:0
File type ASCII text, with very long lines (41563)
Hash e626a412fda9960966cf16fe83a84ff4
79a570fd97f2cdde28eb36760ff9828f4ada7f40
373587cb93a0755a81cffd6e3295d3ab5bf39b65d0124d589f89cc030925f205
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/jannah/assets/js/sliders.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Mon, 17 Jun 2019 09:01:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d0756ef-12415"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/plugins/contact-form-7/includes/css/styles.css
85.159.208.243200 OK 728 B URL HTTP/1.1 gsites14.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP 85.159.208.243:0
Hash f4da479ab671b05f46391c2ec8ece4b5
7ad97c1132cbc11ae8f10a215312d8d388f92821
e9b1498ba4c70601439f135a3745e9451dc5f0f82e7327f278966632df613cb0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: text/css
Last-Modified: Tue, 20 Oct 2020 09:12:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f8eaa0a-780"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/themes/jannah/assets/js/scripts.js
85.159.208.243200 OK 80 kB URL HTTP/1.1 gsites14.com/wp-content/themes/jannah/assets/js/scripts.js
IP 85.159.208.243:0
File type ASCII text, with very long lines (40085)
Hash 79f67ba9253d23585b9d602599405641
78ce319aacfd167636428b67243017d88695206e
5e94d9d13646c5ee772bba3126ef065b78b8fc0132f8bbbe99df5384e40ecd3d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/jannah/assets/js/scripts.js HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/javascript
Last-Modified: Mon, 17 Jun 2019 09:01:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d0756ef-41e64"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gsites14.com/wp-content/uploads/2021/11/modern-istanbul-780x500.jpg
85.159.208.243200 OK 108 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2021/11/modern-istanbul-780x500.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 780x500, components 3\012- data
Size 108 kB (108216 bytes)
Hash e51d9ee8eea79e6fb03709ca23d293bc
b1f27a56bc703467371fdc661dd0cb240fd08df5
96b652e913418c7e6cbefaebf78862a8b1ad53d694766eeba573cc906f19b269
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/modern-istanbul-780x500.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 108216
Last-Modified: Mon, 01 Nov 2021 09:37:29 GMT
Connection: keep-alive
ETag: "617fb559-1a6b8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2021/11/monaco-travel-780x500.jpg
85.159.208.243200 OK 123 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2021/11/monaco-travel-780x500.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 780x500, components 3\012- data
Size 123 kB (123142 bytes)
Hash 81d7199d2546e8dbcbdf31556e1ad53c
8c76ae65a4c3a0b30b2fc89344040925ace3b854
3ddaa6c1703850d3bc86a3175c01fe4a1f0f7f0d4a7c0a986de696ee809f4057
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/monaco-travel-780x500.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 123142
Last-Modified: Mon, 01 Nov 2021 10:07:27 GMT
Connection: keep-alive
ETag: "617fbc5f-1e106"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2019/07/20110723_Venice_Basilica_di_San_Marco_5104-1500x630-780x405.jpg
85.159.208.243200 OK 86 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2019/07/20110723_Venice_Basilica_di_San_Marco_5104-1500x630-780x405.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 780x405, components 3\012- data
Hash b963cf4026bbeb208f0acd49a93769b9
82876a36133dfa5b96d52b0bebd4f208b6d121e7
38b8c97b26eaaf473ef2a5692fd825104e262e5c2ae1635b42808af265bd0dc9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/07/20110723_Venice_Basilica_di_San_Marco_5104-1500x630-780x405.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 85565
Last-Modified: Mon, 01 Jul 2019 07:10:31 GMT
Connection: keep-alive
ETag: "5d19b1e7-14e3d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/themes/jannah/assets/fonts/fontawesome/fontawesome-webfont.woff2
85.159.208.243200 OK 77 kB URL HTTP/1.1 gsites14.com/wp-content/themes/jannah/assets/fonts/fontawesome/fontawesome-webfont.woff2
IP 85.159.208.243:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fontawesome-webfont.woff2 HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gsites14.com/wp-content/themes/jannah/assets/css/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: font/woff2
Content-Length: 77160
Last-Modified: Mon, 17 Jun 2019 09:01:35 GMT
Connection: keep-alive
ETag: "5d0756ef-12d68"
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2021/11/tenerife_canary_-780x500.jpg
85.159.208.243200 OK 140 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2021/11/tenerife_canary_-780x500.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 780x500, components 3\012- data
Size 140 kB (139680 bytes)
Hash 92355199b48febc5bf4628bc8a5d4f68
47038b9f0ac995bd7a67a21b39cf847e076b1193
ac2ca04a0d4fd7cea3e6a2dbde3245edf20157425b4afa76d1b57f603ba8bf2f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/tenerife_canary_-780x500.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 139680
Last-Modified: Mon, 01 Nov 2021 08:45:41 GMT
Connection: keep-alive
ETag: "617fa935-221a0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/themes/jannah/assets/fonts/tiefonticon/tiefonticon.ttf
85.159.208.243200 OK 8.9 kB URL HTTP/1.1 gsites14.com/wp-content/themes/jannah/assets/fonts/tiefonticon/tiefonticon.ttf
IP 85.159.208.243:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tiefonticon\012- data
Hash f6c774fed2694d98d4d08d2fcebffaab
61f27f178c050cd4c722f334e4a4690e0d581486
3e5fe3d9f3103e880a68f6ce8ab0d505eea2b6ea38daf1b873304cb6f837cbe4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/jannah/assets/fonts/tiefonticon/tiefonticon.ttf HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/wp-content/themes/jannah/assets/css/style.css
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: application/octet-stream
Content-Length: 8916
Last-Modified: Mon, 17 Jun 2019 09:01:35 GMT
Connection: keep-alive
ETag: "5d0756ef-22d4"
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2021/11/Cooper-falls-1-780x500.jpg
85.159.208.243200 OK 123 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2021/11/Cooper-falls-1-780x500.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 780x500, components 3\012- data
Size 123 kB (122561 bytes)
Hash b667e05799844adb2af2d59f73a61e57
9c416860eadfe09e34b4654886f0314adda91f80
76aba8933fcceb40995a873b0d16649016fcbe88dd4979f897783ccf178a44d3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/Cooper-falls-1-780x500.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 122561
Last-Modified: Mon, 01 Nov 2021 07:21:12 GMT
Connection: keep-alive
ETag: "617f9568-1dec1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2021/11/ddea9504d755c4f0ba8bdfe93e364f48-780x500.jpg
85.159.208.243200 OK 116 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2021/11/ddea9504d755c4f0ba8bdfe93e364f48-780x500.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 780x500, components 3\012- data
Size 116 kB (115835 bytes)
Hash fdcfb1eaf151f870908c194378f85f6c
711b1eaf2ba07274540cd8947acfbe0f1c76db57
bb60951a63236e98085d4f74467067c577ea2c13c99c424c840e75546adece7d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/ddea9504d755c4f0ba8bdfe93e364f48-780x500.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 115835
Last-Modified: Mon, 01 Nov 2021 07:05:37 GMT
Connection: keep-alive
ETag: "617f91c1-1c47b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2021/11/monaco-travel-390x220.jpg
85.159.208.243200 OK 32 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2021/11/monaco-travel-390x220.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash af8729b6ec026cd1c10be404b11ae2f1
3a38f2a99cad5e0a0881b049d16fbcbed824abcb
8979950fb638271ba84ebbf405b8c8fe00fb5161329cfc0980ad12c22bf6925d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/monaco-travel-390x220.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 32183
Last-Modified: Mon, 01 Nov 2021 10:07:27 GMT
Connection: keep-alive
ETag: "617fbc5f-7db7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2021/11/Cooper-falls-1-390x220.jpg
85.159.208.243200 OK 33 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2021/11/Cooper-falls-1-390x220.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash 3e0c099bbe3ee2d1df8e268633e5db8d
b02fea3d8eedfe0bc7c9399a034c7c602cfd971a
58a4b70136628591658c4028790a78fc57398c6e80c152ef5366e212bc2e1ec6
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/Cooper-falls-1-390x220.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 32809
Last-Modified: Mon, 01 Nov 2021 07:21:12 GMT
Connection: keep-alive
ETag: "617f9568-8029"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2021/11/modern-istanbul-390x220.jpg
85.159.208.243200 OK 30 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2021/11/modern-istanbul-390x220.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash bbc9e2b9b02d651c8fab2d635a4eeef5
9cee900b45d05564fccd6e101875e920cbc339be
dbe5ac29b408a02a473e6bf4036f8eed4c8bb9c9c489f4b1074523ff94e27c37
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/modern-istanbul-390x220.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 30210
Last-Modified: Mon, 01 Nov 2021 09:37:29 GMT
Connection: keep-alive
ETag: "617fb559-7602"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2021/11/tenerife_canary_-390x220.jpg
85.159.208.243200 OK 33 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2021/11/tenerife_canary_-390x220.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash 3360be4862df7e06cd4a633272e85af2
d05f9f5fa8b7da788adc5a4dcf31f3e8f9cf67a5
0c1887e3f713f0846a4c9ba63d68b2a9719609813b4a7ea9273599ecaaba93d5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/tenerife_canary_-390x220.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 32966
Last-Modified: Mon, 01 Nov 2021 08:45:40 GMT
Connection: keep-alive
ETag: "617fa934-80c6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2021/11/ddea9504d755c4f0ba8bdfe93e364f48-390x220.jpg
85.159.208.243200 OK 28 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2021/11/ddea9504d755c4f0ba8bdfe93e364f48-390x220.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash 6237f2f3170c2fd58026aba434411f51
2dfcc97c8cd6b3874c82260d6393a9b68ca0d2ba
11c58c9ed6d66dd110e8a0e8e7e6d2e29a29c6c72fd753b1c10f2a5da3827991
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/ddea9504d755c4f0ba8bdfe93e364f48-390x220.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 28536
Last-Modified: Mon, 01 Nov 2021 07:05:37 GMT
Connection: keep-alive
ETag: "617f91c1-6f78"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2021/11/pexels-quang-nguyen-vinh-2144200-390x220.jpg
85.159.208.243200 OK 22 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2021/11/pexels-quang-nguyen-vinh-2144200-390x220.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 390x220, components 3\012- data
Hash 3142178358c383dacc974508cf8ac6cd
c8d69e76809bd08dc53519da3eda1c12f38bb58c
b98f01fea0046f3e2c6d80cd1b412c0a57e5c5832b35fe8d71e6a70a1e3af10d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/11/pexels-quang-nguyen-vinh-2144200-390x220.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 22276
Last-Modified: Mon, 01 Nov 2021 06:07:53 GMT
Connection: keep-alive
ETag: "617f8439-5704"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.138200 OK 5.4 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 5437
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 11:19:05 GMT
Expires: Sat, 02 Dec 2023 11:19:05 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 405941
gsites14.com/wp-content/uploads/2019/07/DowDzeKX4AA3gF9-780x405.jpg
85.159.208.243200 OK 95 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2019/07/DowDzeKX4AA3gF9-780x405.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 780x405, components 3\012- data
Hash 5c6f707d63869f9d3dfdf211a75f964e
3a152a7f35b933e03968cdf7b13a8a6fda2e4921
a9017c866416626ee0120802013dd03f6ab5e0638304d85911b3829dd4d9d8a4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/07/DowDzeKX4AA3gF9-780x405.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 95389
Last-Modified: Mon, 01 Jul 2019 07:03:25 GMT
Connection: keep-alive
ETag: "5d19b03d-1749d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2019/07/img-Padova-Prato-della-Valle-700x405.jpg
85.159.208.243200 OK 73 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2019/07/img-Padova-Prato-della-Valle-700x405.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 700x405, components 3\012- data
Hash e9ef5546be96955b33cf5108d8d29e37
0c3832fb871b014a62a7a6af91a1e201e8f01b44
6372d3a62fd244cdd99f87cc09fd55fa3c3f3375bce4750242eb954359014236
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/07/img-Padova-Prato-della-Valle-700x405.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 73044
Last-Modified: Mon, 01 Jul 2019 06:55:18 GMT
Connection: keep-alive
ETag: "5d19ae56-11d54"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2019/07/img-Torre-Eiffel-Parigi-700x405.jpg
85.159.208.243200 OK 26 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2019/07/img-Torre-Eiffel-Parigi-700x405.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 700x405, components 3\012- data
Hash 8c8e9329af855fda85164607ac7d5d2e
a79550a181494a467434eda27ea89e3fa91829c7
8ac706b50749b289ee1901f131bd31749fadbadc073521f5e58d59a11e72155f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/07/img-Torre-Eiffel-Parigi-700x405.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 26030
Last-Modified: Mon, 01 Jul 2019 08:39:15 GMT
Connection: keep-alive
ETag: "5d19c6b3-65ae"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gsites14.com/wp-content/uploads/2019/07/img-Rijskmuseum-Amsterdam.jpg
85.159.208.243200 OK 162 kB URL HTTP/1.1 gsites14.com/wp-content/uploads/2019/07/img-Rijskmuseum-Amsterdam.jpg
IP 85.159.208.243:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, datetime=2019:06:19 10:51:56], baseline, precision 8, 700x393, components 3\012- data
Size 162 kB (161561 bytes)
Hash 86993421be4a5a661df50cf676a4c4a9
d57dc6b2ccd2940e6c2fdfe517ab9f722b2ee4a9
cc988d72158c7ebde8ed1de8140d892e293d06139a50351cd78032daab9ed47f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2019/07/img-Rijskmuseum-Amsterdam.jpg HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:46 GMT
Content-Type: image/jpeg
Content-Length: 161561
Last-Modified: Mon, 01 Jul 2019 06:43:30 GMT
Connection: keep-alive
ETag: "5d19ab92-27719"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Brawler%7CLora:regular,500,600,700%7CPT+Sans:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin
142.250.74.106200 OK 823 B URL HTTP/1.1 fonts.googleapis.com/css?family=Brawler%7CLora:regular,500,600,700%7CPT+Sans:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin
IP 142.250.74.106:0
Hash dd00a1ef438947f93eac078057a719e0
ab6aedf3793099a5b9696c91689f04b389ef0b0c
c2305a545b340e7e0d9b8d7c0485a9430787fbb6705c00f2f399c6ee2575ca8a
GET /css?family=Brawler%7CLora:regular,500,600,700%7CPT+Sans:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,800,800italic,900,900italic&subset=latin,latin,latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 07 Dec 2022 04:04:46 GMT
Date: Wed, 07 Dec 2022 04:04:46 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.gstatic.com/s/brawler/v19/xn7gYHE3xXewAscGggexSg.woff2
216.58.207.227200 OK 22 kB URL HTTP/1.1 fonts.gstatic.com/s/brawler/v19/xn7gYHE3xXewAscGggexSg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21504, version 1.0\012- data
Hash 47cc92ff76a67a39251f9dd89e3f559e
bc689f3f993c5624cc77256449e2ab0cd1a79422
3a8ff276cddf9b6a80e79916abe322fb8b6da9bb6fb2d1860844b0e406472148
GET /s/brawler/v19/xn7gYHE3xXewAscGggexSg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gsites14.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21504
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 04 Dec 2022 05:24:31 GMT
Expires: Mon, 04 Dec 2023 05:24:31 GMT
Cache-Control: public, max-age=31536000
Age: 254416
Last-Modified: Thu, 21 Apr 2022 16:45:18 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
216.58.207.227200 OK 36 kB URL HTTP/1.1 fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Hash 0d0d3e5824e5e67a9e993960df2b67a9
328d67bb1d5899a7809df9f4385181863fd035f1
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
GET /s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gsites14.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 35660
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 07:12:31 GMT
Expires: Sat, 02 Dec 2023 07:12:31 GMT
Cache-Control: public, max-age=31536000
Age: 420736
Last-Modified: Mon, 15 Aug 2022 18:07:59 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.227200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gsites14.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 45300
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 00:09:49 GMT
Expires: Fri, 01 Dec 2023 00:09:49 GMT
Cache-Control: public, max-age=31536000
Age: 532498
Last-Modified: Wed, 27 Apr 2022 16:11:08 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
216.58.207.227200 OK 47 kB URL HTTP/1.1 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gsites14.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 47048
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 08:14:18 GMT
Expires: Fri, 01 Dec 2023 08:14:18 GMT
Cache-Control: public, max-age=31536000
Age: 503429
Last-Modified: Wed, 27 Apr 2022 16:55:54 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2
216.58.207.227200 OK 42 kB URL HTTP/1.1 fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 42500, version 1.0\012- data
Hash 8c5246074400a5141ea18bf48dff17ee
b0650d9d042dfdc6e5fbc3b9f79f87822f9ee689
595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9
GET /s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gsites14.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 42500
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 02:28:41 GMT
Expires: Sat, 02 Dec 2023 02:28:41 GMT
Cache-Control: public, max-age=31536000
Age: 437766
Last-Modified: Wed, 27 Apr 2022 16:01:40 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/ptsans/v17/jizdRExUiTo99u79D0e8fOydLxUd.woff2
216.58.207.227200 OK 33 kB URL HTTP/1.1 fonts.gstatic.com/s/ptsans/v17/jizdRExUiTo99u79D0e8fOydLxUd.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 32964, version 1.0\012- data
Hash 837e4f7f18f25636413ecd6a72074b7c
7f988c4b121f5afae056d467c2c9e5d16d4fb844
001d8a10f7fa65efb142212df4f00867320cda3b9ee9075d7dbe50ef090e14e0
GET /s/ptsans/v17/jizdRExUiTo99u79D0e8fOydLxUd.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gsites14.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 32964
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 03:52:20 GMT
Expires: Sun, 03 Dec 2023 03:52:20 GMT
Cache-Control: public, max-age=31536000
Age: 346347
Last-Modified: Wed, 27 Apr 2022 16:06:22 GMT
Content-Type: font/woff2
gsites14.com/?wc-ajax=get_refreshed_fragments
85.159.208.243200 OK 338 B URL HTTP/1.1 gsites14.com/?wc-ajax=get_refreshed_fragments
IP 85.159.208.243:0
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (698), with no line terminators
Hash 4c1f2e3a47a092112aaf29c63f9f35c0
89307fb553ca2a7a241fe118df1b6bfb1977040a
450dcb2348248dc03a74409b127c1233c33eadecd2a60aeaddd3a3836769e075
Analyzer Verdict Alert quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://gsites14.com
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:47 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-UA-Compatible: IE=edge
Access-Control-Allow-Origin: http://gsites14.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4305
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 04:04:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4305
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 04:04:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4305
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 04:04:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0f0782df385287698881f1c19e79b96
5a25f245b594f6cbf2fdaeed2463ac5fbc08068a
4f795cd2286e194cd96751e6a4e3bd0da09c6db5344182e51986b65149e75cd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8579
x-amzn-requestid: 0efa303a-364e-488d-beac-24836c7c1e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirE2KoAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5564a0c0264ed36f0497e17e;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xpzGji_JAWkUjhXLouXWlin6rV-44shz6Z_STqo7uK7ZUV2PWs7Zpg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "5a25f245b594f6cbf2fdaeed2463ac5fbc08068a"
content-type: image/jpeg
age: 22048
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa051c24a-9b15-4802-8ffe-63154898a5cf.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa051c24a-9b15-4802-8ffe-63154898a5cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 639e2589368c582a78dfccb17890f552
158b89c849ca0728151fd6d46f06b1d2c01afead
a2ae55dd59cbbf2fcb5ff552b450a1622156230425c1f430a44a791bfa55b3b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa051c24a-9b15-4802-8ffe-63154898a5cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5216
x-amzn-requestid: de340de7-410c-4481-85c4-0aec052ccf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYFBzIAMFgsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-2f96b0db47a0aaaa057b5135;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qFeyXtnAicW0KDNjDmtP398s2j-OMl3H7Uim4Sr52kgmMtcnEefgZw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:24:07 GMT
age: 74440
etag: "158b89c849ca0728151fd6d46f06b1d2c01afead"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gsites14.com/favicon.ico
85.159.208.243302 Found 0 B IP 85.159.208.243:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gsites14.com/
HTTP/1.1 302 Found
Server: openresty
Date: Wed, 07 Dec 2022 04:04:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-UA-Compatible: IE=edge
Link: <http://gsites14.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://gsites14.com/wp-includes/images/w-logo-blue-white-bg.png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f38ce0fb35ef0fc66b61cafd2b09eeb6
aded2fe97a129dc820ba9d6d7605aeadfe17c15c
39bcb5e0c3a9cd39c0fcefbffd9e6f949bb9d85f0bee2b0b7c5cb999b508b1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 24355473-a83a-42b6-bdf3-ae2c39f7f3eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ccq48GfKoAMFjmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63882505-2f58dd012665cb131ceff8f2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 03:52:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VySWUb7U2HlkyL8T1PCOzSDXNSDJDRIIF1PAnwaK2DHiGJFGGzRCOQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:30:30 GMT
age: 20057
etag: "aded2fe97a129dc820ba9d6d7605aeadfe17c15c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 08:11:23 GMT
age: 71604
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9257f2e3b9bd1b3aa262b0f4bf57968
4bcdd6ecd63834aa1010faf19457a97f37ae99fa
9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:15:41 GMT
age: 2946
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 22267
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gsites14.com/wp-includes/images/w-logo-blue-white-bg.png
85.159.208.243200 OK 4.1 kB URL HTTP/1.1 gsites14.com/wp-includes/images/w-logo-blue-white-bg.png
IP 85.159.208.243:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: gsites14.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gsites14.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 07 Dec 2022 04:04:47 GMT
Content-Type: image/png
Content-Length: 4119
Last-Modified: Thu, 11 Jun 2020 01:06:40 GMT
Connection: keep-alive
ETag: "5ee183a0-1017"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes