clicks.carbonpath.shop/kbpgugh/vjasbl1198gfhnxbamw/fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
172.67.180.155 200 OK 492 B URL HTTP/1.1 clicks.carbonpath.shop/kbpgugh/vjasbl1198gfhnxbamw/fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c30382c7d407c59c93f053c93106307b
e599d94039d37e44126ef5f8a42e347611a2bfdc
b16ed930639f4c9094e64be631c8ce91a4f3ae46c3ff403c016de934c3933b56
Analyzer Verdict Alert quad9 Sinkholed
GET /kbpgugh/vjasbl1198gfhnxbamw/fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWsHQXapP%2FkMhOME6dSRDebYTZX%2BNFnDL3hw8U0KOyonDjauoEy7%2Bw5Q9qIYPHsSDmJ6DUAPCXIvOFVNoaDDbpqNbTc%2FBsSuRCRk5ylbLYpmFLf2sG6A0nDLDHg3JZ5%2BJbsssn8nPtXi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77ad85251ce40afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96367f956a4177aec7e7e80221539d58
8dcad10fde96c139d1ef212388cb6755fe3fe077
f4f9bdb5180359dfd734cef1e6f1b54bc9d8f72cae557366eb74f22100b94dc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4F9BDB5180359DFD734CEF1E6F1B54BC9D8F72CAE557366EB74F22100B94DC4"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5426
Expires: Sat, 17 Dec 2022 07:45:08 GMT
Date: Sat, 17 Dec 2022 06:14:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae86164fd9297dfdc05d67d69284d70e
5e5f27e3fd492f715baa6820f05c0fafde4040b3
be20f6ae6a51d20611cb4d350b52a5d0a339af6722fe9b2482ef58826c1e9de0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE20F6AE6A51D20611CB4D350B52A5D0A339AF6722FE9B2482EF58826C1E9DE0"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15136
Expires: Sat, 17 Dec 2022 10:26:58 GMT
Date: Sat, 17 Dec 2022 06:14:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5421
Expires: Sat, 17 Dec 2022 07:45:04 GMT
Date: Sat, 17 Dec 2022 06:14:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 17 Dec 2022 05:45:17 GMT
content-type: application/json
age: 1766
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9J/wFs8nrQY8cSeaPkVo0x5BwxaXLg1rkyeWkfntOV+ednV37t0p+NqNM+26dxLQ65J7P2G2ARI=
x-amz-request-id: NS4DHCQHZ2MKF4WR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 17 Dec 2022 05:51:40 GMT
age: 1383
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Dec 2022 06:14:43 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-22484186-3
172.217.21.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash c3984e4338935d8e4121cf6b0aa4a46b
5c5487b9764911a6323f360e480d27e72acb948c
0c3f065bbac53033a4088e2e7fdc348ce31ede3b90083d6ee31a66def5f64080
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Dec 2022 06:14:43 GMT
expires: Sat, 17 Dec 2022 06:14:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clicks.carbonpath.shop/jquery-1.11.0.min.js
172.67.180.155 200 OK 33 kB URL HTTP/1.1 clicks.carbonpath.shop/jquery-1.11.0.min.js
IP 172.67.180.155:0
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
Analyzer Verdict Alert quad9 Sinkholed
GET /jquery-1.11.0.min.js HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/kbpgugh/vjasbl1198gfhnxbamw/fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:20 GMT
ETag: W/"6388f8d4-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3nb8kiqu5hY%2BCyEDsScXmpyKWKFdAJ9mYM26LqyLoLLkNLO%2B0ctdga8uCg7n8fdqBbcCEcnUgg4jDl1lJ7%2FdLkcRg98B1RE4%2FKDQHg58Ehfp9SxUifAZqiXzLgxrB39kPya3K1eowOO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85279daa0afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 17 Dec 2022 05:33:23 GMT
age: 2480
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
clicks.carbonpath.shop//offer.php?id=172&sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
172.67.180.155 200 OK 278 B URL HTTP/1.1 clicks.carbonpath.shop//offer.php?id=172&sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash bb39df4df5bf61faaf415febbd97f5d6
f133cfe1f8c0aa6c0e8482a375a3c781d2a41c21
543596b8556cb36dfb2b83b11a70cb5f9df25600124aad3263e9dc27470640f4
Analyzer Verdict Alert quad9 Sinkholed
GET //offer.php?id=172&sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/kbpgugh/vjasbl1198gfhnxbamw/fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ja0UwU%2FAIpiP8ZaxXwKnz187jCw7qlDON%2FImeYMRKRUv80OhoSOI70fpvWNr%2Bwk%2BBSFUfjWxxk4nIs2SMDR%2FiUtGDLzn4LOIgJ4D5BZBWgspfbgBmAlK0K5eOa1rask7tgZwVP2IxYNF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77ad852a0ed30afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 142400be99b933ea5e0c68ea6a6b3e89
80e94132940e5ebe69dd0a03396764127b8fda49
20e8cde3c6907a3c5d97fe9fbcf6a44035e1f7482f7e166adb2c38a30a9084ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3713
Cache-Control: max-age=100442
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:43 GMT
Etag: "639c352c-1d7"
Expires: Sun, 18 Dec 2022 10:08:45 GMT
Last-Modified: Fri, 16 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
172.67.180.155 200 OK 6.4 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (485), with CRLF line terminators
Hash f5c64539cf3bc2bf0dd43ac48a231cd9
af1f15fc046a51d13133e3d847e1089e57d7e4d0
30578010321992a06b0ec2e389573a827cfca147eb8ccd8cac3aac0669f9280f
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noM5S4LFNjSCGGU0FenQiVfYYgBefbLB8kqmwOcLFP%2B2T5BywFnxYe18OTAVETaPvqOxzOn5lzCPUK6gwMbx4JHkK20uJezEoHWBR99enYGZEeFHug7K4g9gFs91ZPDFfLH%2FYqK8rXIb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77ad852b6f6d0afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
35.160.184.41 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.184.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dz7IQ3gkP5/olaHqQuL5hA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iuDtJOZjg/SkUGU1HNueRn+73FY=
clicks.carbonpath.shop/clicks/iTrack_files/css_002.css
172.67.180.155 200 OK 338 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/css_002.css
IP 172.67.180.155:0
Hash 1edd2ac3d7761f916000dfd159d3f42e
dd14df8eb1c659ba50cb8937a69698666414810c
7c9a7d2053ba333d2bba6278fdeeaf857350cc699b1046800ee6c616072d84af
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/css_002.css HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-2d2"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Zi1TfaEaw4Iv8IEBRdcTriD4D7WpVsddwZ0faGhLcKYAgUuXx6%2BcsNwLJN8BbHN9AY2Kcijw9VGzQxsRiLvK5WzU96oGULqfLyS2ATP%2FGBqO1gedGnO2%2FXiYmZ0pDqBOvc%2BjFFR%2Bod7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad852cba76b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/jquery-3.2.1.min.js
172.67.180.155 200 OK 30 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/jquery-3.2.1.min.js
IP 172.67.180.155:0
File type ASCII text, with very long lines (32058), with CRLF line terminators
Hash 044dd3ebc6f866d2f19f4461526047a4
72c5978d6ff1ad56b2d33516a7fbb4d5cfd9a97a
7c1fb6c8cda1e037a01d8dfa1b11a57b8e1673c6abb4522ff2a9bb9070ec87e7
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/jquery-3.2.1.min.js HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-15287"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyQbamhx2Jg%2FkIG3kkIdqVm169%2FdYQmXfdStC9x2VnlrTK0gY9Z8d0Svh%2FFT0kfG9XuImTCehFKn8tRll1mFQvNO9TuB%2Bln8qU1k4TAYouozZ6wsWsC31GDb%2BCi1b9BFw5tB%2FkMWaPuV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad852cdbec0af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/style.css
172.67.180.155 200 OK 3.0 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/style.css
IP 172.67.180.155:0
File type assembler source, ASCII text, with CRLF line terminators
Hash 1b5c0b8026b3f679da38c907364d9e37
cea7b729a8e03f5a4e8dcb0f4977490a7263a2d0
aaf369e727724cc8cd567cfc0c0b3891a374e445de29a3954f91df4cfdc0c33b
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/style.css HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:51:12 GMT
ETag: W/"6396c150-36d7"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46WVMCgEtt8wawy29BmG%2BEHqZYhc4%2FZDNnwpLfHQDYJylSxCpTiiVkSkY%2FdTeRlaEUY1gT5kAx7%2BPcrxsCoNpWDKcqs2DdPB%2Bg2xeQkHhKmHMeKTTAzq3xZe2HkgHctWiH%2BSBxRHxT6w"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad852cbe54b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/css.css
172.67.180.155 200 OK 1.0 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/css.css
IP 172.67.180.155:0
Hash dc8145e4dd788530c20987afe075d60a
99db714da7a3ab721155f94d8b362b3d5779191f
f15f9af86d964ea196669f145ccdeb8f127bb43137818c1ae34f3591c79f83ac
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/css.css HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-51a3"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sGNfOl6Ry1k%2FRVtNAr%2FILp3t9s5JE9WoRcUSqN6jBQ6kEGdROV1iijFUV4xEXWgmdjpJCYIjviiOAa04RsOaROeEiODpCDyMJhaopZ3oCVX%2BKQ61pFTRg2am36lCQKc0SOagB8EXG8Q"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad852cbd591bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/script.js
172.67.180.155 404 Not Found 131 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/script.js
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/script.js HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pI%2FVgs23g1TSLXidSmV9E4IGpnYh48IrJu0lPX%2F9B12zMD220kB%2BbPAVWoXvtP0U0%2BabM2XfZ4CYyk8cnKSd7bzRl2uV5aUbQRHx1PnDUF9x8Y3LWEEdLMF4B4vdnjGzFthxQAZLsmY7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad852ddc4b0af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/fontawesome-all.min.css
172.67.180.155 200 OK 7.3 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/fontawesome-all.min.css
IP 172.67.180.155:0
File type ASCII text, with very long lines (33449), with CRLF line terminators
Hash 1a585fded87bc56098e8fe467748178b
f0514c23a710ec537dcece0e54542b13377e2026
70c74854160e08e8bf298f54fa0eec4307b68d1d69e8126e85ab094b5c149ca5
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/fontawesome-all.min.css HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-835f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTYZeTO8xsSfkmj2aZj1rEoBF9ZDDXTFKKzxb42QU%2BcSgzlc5u2xZgelSohTSPJRfqp%2FxikdpawMzVzvPvYcaf4knvWLl5wSPwWpdIcLkp8pGuVvSzdeGK5vJz26%2FjSNeSMaAYvktxKc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad852cbb391c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/jquery.social.sharing.js
172.67.180.155 200 OK 422 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/jquery.social.sharing.js
IP 172.67.180.155:0
File type ASCII text, with CRLF line terminators
Hash 0255440ce4b0b41a5e37c3f3b51bff91
c00de34ab49d78cfd1cb76035602afa54f941d8a
288476016aaa0f1c7cf137550ee42642ff3bce6524150fc27ff4cee5b25cb9ff
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/jquery.social.sharing.js HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-327"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvsaZ7qTm7EctHZ4Oj5nFt7kYgG5Kor3aXwFabuDJc%2FbqYedaYgEQJdVF%2BerGndCO8eJxK9pjFqjCe3Qe6%2BHcum7tQq4TbhxQt9Zxk9p2Yiw%2F8N%2FmLgP8vnup9qvMSQg55gBP7J5CO3v"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad852dbad2b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/bootstrap.min.css
172.67.180.155 200 OK 20 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/bootstrap.min.css
IP 172.67.180.155:0
File type ASCII text, with very long lines (65371)
Hash ec33cc046e01c53aec64024058d8de78
d7df0f7a5a950ec42f3f950d5a4eb5dfa0993aa0
73fdef7c62fb183ccf51e35598666c094b3a3b92de0160fb946a708fb1c0f1b9
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/bootstrap.min.css HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-1d970"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVVoJjGnj%2F8Y4yLcqP%2FIIIVqlEIaeO4TqTZThBppf0vJbE77kfQK6fieyrWsyn3Hqo1Pjn11xMqtoKJcKedeuxB4id0XyEhUBVSf3DNCdiYrRvGitjWl0VVAGsN2MVAGlX5sRVqGJE4O"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad852cbff30afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
216.58.207.227 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23724, version 1.0\012- data
Hash 2ca1253c8e47277b38c02353cdf32102
3cd0373fd1ae7ad8cb62ff8f2200193a7e8977e7
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://clicks.carbonpath.shop
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 20:36:30 GMT
expires: Fri, 15 Dec 2023 20:36:30 GMT
cache-control: public, max-age=31536000
age: 121094
last-modified: Thu, 21 Apr 2022 16:58:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/abrilfatface/v19/zOL64pLDlL1D99S8g8PtiKchq-dmjQ.woff2
216.58.207.227 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/abrilfatface/v19/zOL64pLDlL1D99S8g8PtiKchq-dmjQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 13176, version 1.0\012- data
Hash c505a5b998cf70c98db25dd8d644c688
2a72710cb88d894cc7059122213728aefca69b97
a177f542e3506952479f8ee19c5f3fd6d20ac2e030b17e86c39a473931c990bf
GET /s/abrilfatface/v19/zOL64pLDlL1D99S8g8PtiKchq-dmjQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://clicks.carbonpath.shop
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:22 GMT
expires: Sat, 16 Dec 2023 13:33:22 GMT
cache-control: public, max-age=31536000
age: 60082
last-modified: Tue, 19 Apr 2022 18:49:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
216.58.207.227 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22592, version 1.0\012- data
Hash 4528524c7142b4e2d5c0438763223328
d439d881fd8c4f41e77c2fb07678e53fce3e331a
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
GET /s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://clicks.carbonpath.shop
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 15:42:53 GMT
expires: Wed, 13 Dec 2023 15:42:53 GMT
cache-control: public, max-age=31536000
age: 311511
last-modified: Thu, 21 Apr 2022 16:51:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
216.58.207.227 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23600, version 1.0\012- data
Hash 96535c146ffa5386af6a241b26a3a6b4
23cd84c531d12b9ee5e2fa0d1dd7620f4d6cff57
5a993ab2e9326ab9a1d3f403acf8eed16029f1113c786bcfef3f5b529343ab81
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://clicks.carbonpath.shop
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 15:44:21 GMT
expires: Wed, 13 Dec 2023 15:44:21 GMT
cache-control: public, max-age=31536000
age: 311423
last-modified: Thu, 21 Apr 2022 16:51:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
216.58.207.227 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22760, version 1.0\012- data
Hash d36cf1e01f039283292b186b9c85c883
569131c8375a808d1f6a1ad22786cc6b32ec9820
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://clicks.carbonpath.shop
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 18:56:59 GMT
expires: Wed, 13 Dec 2023 18:56:59 GMT
cache-control: public, max-age=31536000
age: 299865
last-modified: Thu, 21 Apr 2022 16:56:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrByRCf4VFk.woff2
216.58.207.227 200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrByRCf4VFk.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 24712, version 1.0\012- data
Hash 251cc4687a7f55281ab73945b1f9c993
2e802717ec3767117d32fd0df9d5def4e9cb067f
d0430beb254891a46106c24d7bd556893899b3417501cf55a9315f1dd9a07fd9
GET /s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrByRCf4VFk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://clicks.carbonpath.shop
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:49 GMT
expires: Sat, 16 Dec 2023 13:33:49 GMT
cache-control: public, max-age=31536000
age: 60055
last-modified: Thu, 21 Apr 2022 16:51:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clicks.carbonpath.shop/clicks/iTrack_files/mac_iphone.png
172.67.180.155 200 OK 62 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/mac_iphone.png
IP 172.67.180.155:0
File type PNG image data, 830 x 305, 8-bit colormap, non-interlaced\012- data
Hash 84cd9215595fcb6285dc993edd8c1305
d990985089521b3334f6590e99a10ecf5f735877
5b9a22cd6b95ae48e670b83e636362cc798b0b3d4026d501c1382c64514cec3c
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/mac_iphone.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: image/png
Content-Length: 61906
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-f1d2"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFG2twUyep9k9%2BeZA3ySBCQzQZCYAdUIJdZufOIQ26kkL71xKbAAdXeiUSqeIPwcS1jkNG0OSJlo78PwrGvJlgASgp%2FxHuofvDAYHPgGt7SIf%2FV17h3inPte%2BjW4C0N2j9Zpb9u%2F2O6i"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad853028efb50f-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/cuting_edge_image.png
172.67.180.155 200 OK 4.7 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/cuting_edge_image.png
IP 172.67.180.155:0
File type PNG image data, 149 x 150, 8-bit colormap, non-interlaced\012- data
Hash 9632923c638b41d5e862e8097e2f3043
6317b0edce17e64a3c681114bff1a5c7557486e0
3bfbd0de404e654b352a659328cb626e8e6eedd2b8800aaf37541197f9be2beb
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/cuting_edge_image.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: image/png
Content-Length: 4672
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1240"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZF50rHTz3g%2FQyy5ZDuk1HDPRim%2BGwSsII8i9v8MYkWHOhIO1pji69le2IsVrWG48oaBXoOAO8JOXmJgJTz4ENJwMFc4pQNfhfLaywun0n7Hn1qtLxhigp1bsknc00lterh1y8XjG%2BYq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad853029510afe-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/logo_white.png
172.67.180.155 200 OK 2.9 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/logo_white.png
IP 172.67.180.155:0
File type PNG image data, 190 x 60, 8-bit colormap, non-interlaced\012- data
Hash b525beff76a55e6db77732f69c94263b
5548005acf609af30a4ac575212c251872e56789
cf830a1c4a340625c010c646438bc0ef0832df9541a8c76916de38ba30e0e8d7
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/logo_white.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: image/png
Content-Length: 2891
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-b4b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2z%2FKzji1RLYIpxAF5YtSPVcMePp%2Fq%2BU4AkFo3TgmZbVE0gSnPKKK3jxinxz%2FaalBTeDhAjPmDoi3PW0oYtuPgQ%2FDx8wOALTIH9kgzLSSUqEeAKw40vMiMOkrqVccWEJhFmGpurPC09NA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85302d000af6-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/script.js
172.67.180.155 404 Not Found 131 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/script.js
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/script.js HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UN4NM%2F8mDsRl6WohpcEt3ZZUjmKgD9WrhKvxxU5%2BekTE19wlGi4bfvYmMkF84xrmbxcKVFWRK2sor59%2B4HEW%2F7Mkgz6Q5mLr%2Bpqo311Q7PpNOSeYS9gX16LeZ7HrX39dvLrWxRSbuP2p"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85320a72b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/itrack_right.png
172.67.180.155 200 OK 40 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/itrack_right.png
IP 172.67.180.155:0
File type PNG image data, 300 x 454, 8-bit colormap, non-interlaced\012- data
Hash 6cea86e0a0be249a273d5ac6673488d7
8ce27ff4cf2a9f9f9376d742477faffcffbc1c65
08f41aac45dcfac36dd2f8db34daa55682e9ce4eb0dcd754913ebab68e6111a0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/itrack_right.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: image/png
Content-Length: 39499
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-9a4b"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3oTObbLw8FZvfHuWqYGVfJZgyuY34BflfD%2B4IldSRyfOrmLHE7F8vjCBWUSpH2mK%2FnHgdSrjpPr1XJSHETZyxKJ045qBNrNKcdbdtefwPnK5em%2BYOhQzOuciBnsoZgkn1n9EvrXKY8G"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85302c4b1c16-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/webfonts/fa-brands-400.woff2
172.67.180.155 404 Not Found 162 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/webfonts/fa-brands-400.woff2
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack_files/fontawesome-all.min.css
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLn9HBfT2icYmXVeOyQzFuQEFPD1uhwPNHA9ft%2B1YmipoF55prUzDCDTlmkfUUJh3cMzECzUI%2B6MMC3ENKgMfJBsRI67UOuGhq8GTxehGGBO%2BdDt7zTFGceD8XjFn9WArWINYG3eUMr%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad853209d40afe-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/images/calen_data.png
172.67.180.155 404 Not Found 131 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/images/calen_data.png
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/images/calen_data.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack_files/style.css
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ushI2%2BDgVsH9ax3jr%2FuTmVBhFMJlogQ2iu7dnMRINzINLaDwZ3GSmt83WxLcawo1%2FVInhi4CdNgP11e29mvUuVcDta4%2FEE3wdnhBAl63X8PgxqMtr6dp%2F3RHXLyDlNnwXXsZDBP3nhKs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85322d3d1c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/how_it_works_image.png
172.67.180.155 200 OK 146 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/how_it_works_image.png
IP 172.67.180.155:0
File type PNG image data, 750 x 480, 8-bit colormap, non-interlaced\012- data
Size 146 kB (145878 bytes)
Hash 286e53c489534a386c7dae43de5b3837
69b376933428dd563d05acf051124ce4cd0be146
174a10f422bf0ec54d7ca1e8224e9b09f460e3b90edb195135255fea04ed7777
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/how_it_works_image.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:44 GMT
Content-Type: image/png
Content-Length: 145878
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-239d6"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7NLrPDHdI2dO9p4oP4JjB8NlmRPtH6F6soJGmzPqe%2FLDLaVWgLKvlSRfc5%2FRq7a%2BMx%2Fbcu5AdA8isD%2BPZnt1ctHd3TBEUfs6XwqeLgtO6nAYbFHtOOlx0R%2FuGwqEwZotwmEQVNS8bY1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85302cdab4f3-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/why_should_background.png
172.67.180.155 200 OK 62 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/why_should_background.png
IP 172.67.180.155:0
File type PNG image data, 731 x 388, 8-bit colormap, non-interlaced\012- data
Hash 22fa761c4e80913d0c8866f72162a8bb
b397e49f022678833fddb18f428593685b767e26
216b53f95e0dfbebea152712e946795a586d392d1a2d9fdddb2a1777e2c8e9a8
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/why_should_background.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 61559
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-f077"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zf2Pu%2F%2BrsXjExGozp4%2F19WBJLchuRkm0ZkJw1LXqLf6hrsI5jHK6CBFyqpE2M9ge%2FUo%2BFWmm%2Bm4efsT%2B76xCXgBlRRgVUqKYi4XzVrIcKOowwZQo963J95GCB9q0QprzaprpYganPKjE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85302e401bfe-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5836
Expires: Sat, 17 Dec 2022 07:52:01 GMT
Date: Sat, 17 Dec 2022 06:14:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5836
Expires: Sat, 17 Dec 2022 07:52:01 GMT
Date: Sat, 17 Dec 2022 06:14:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5836
Expires: Sat, 17 Dec 2022 07:52:01 GMT
Date: Sat, 17 Dec 2022 06:14:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5836
Expires: Sat, 17 Dec 2022 07:52:01 GMT
Date: Sat, 17 Dec 2022 06:14:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5836
Expires: Sat, 17 Dec 2022 07:52:01 GMT
Date: Sat, 17 Dec 2022 06:14:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fae5a52ce167de2a060dc814a744e98
4b108a79a4ad796a34f4b2b8950df907137680e3
61e1fe4a8c074a031e0628ca393449e42d70dcf3411481936c26c1fad7a5451b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9837
x-amzn-requestid: 7c104466-a4d8-4e03-94e6-79a18bd3bf54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjWiEMlIAMFaaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce5c3-4b0e776f4f0edd533795a6ee;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:40:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BoDm_UMgTvGhUoJOaM2x6-YXgFOFuLanBV4hjgsPNTFxn_9CQjELUQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
etag: "4b108a79a4ad796a34f4b2b8950df907137680e3"
content-type: image/jpeg
age: 30866
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
clicks.carbonpath.shop/clicks/iTrack_files/blank.htm
172.67.180.155 200 OK 548 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/blank.htm
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash cd64b4aeec0a8560c0d6527312e2c806
3b84cb918c9cf6a06d81b2aee07f5fec52ec6878
7dc0902142b34ea216d209ad68f58687c2190ebb974b2f540f61cc64b2b22ef4
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/blank.htm HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mE88fTuBruBM9ooac5sObvOT3vD48iAXs0YqQpnW9CQfgdprpvakmPSKh5kHPbEd5QCCoh68Exw%2B6Abw7brPkyYq%2F8nhzVIHNa2dVrzWq2HfT3D4QT0xdmyK1xT2poPHl3SHNRGAjxUF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77ad85330a080afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/images/user_img.png
172.67.180.155 404 Not Found 131 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/images/user_img.png
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/images/user_img.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack_files/style.css
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KBZrEbfJeTPF96EYeDEkoit1OFSKtINd0VuAqaKLwxMiG0xPJFKCcgMZGHEg5EP%2Fli0PrsFzv%2BTYf0e2akHOO2Spe%2FnZFgb88rlp8uQi7pPPRROAhIkXKcd9hA8g8WZruPfzjGtPUPO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85321a7cb50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dce7a87ac0852f838007018af2e83cb5
379f7844a18284958ec0250cc45f2c91ac1ddfcf
31a5191700b9d5c2e471c0e6db15d43f1804b61c6a0867340e8001c32a0dabb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: f8f1832c-4269-4c4b-83c0-4c2d8c2fdd8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7GLSIAMFd4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-4c54f9704a32da245a90ab0d;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CrmrekFQeOTjAkIBgbGSNGN66ysdrtGK1uuzJV-b6nB1WFrOrtf1OA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
etag: "379f7844a18284958ec0250cc45f2c91ac1ddfcf"
content-type: image/jpeg
age: 30866
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86be9c16e4a62785e7f3a0cc8a956143
6cac191c918ff47d3e66e327e8c8a9c0fec9a88b
81dfec15eb1dc19acae5071663b9deaa9fa11f00378e36871c5b31a548a0626b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8002
x-amzn-requestid: bcaeff23-947f-441a-8aea-1e0d54f2cc3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjD7GjdoAMFVIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce54c-5fb0d9d76945c4f63d210806;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iWxLKwjIxP-hiy4A3yvosYlQAzRu0STuwy4K9LuqK77WphLXQH9m6A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 30866
etag: "6cac191c918ff47d3e66e327e8c8a9c0fec9a88b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce7eb005-df5e-4ad5-ab59-6dd5673202b8.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce7eb005-df5e-4ad5-ab59-6dd5673202b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11eb1a344e317c9805c0ecf1643e4a04
cdd0dd4300113cee0eff7dd9b5fe2c9eb411f07a
fc563a02dcd5eb90bde7d056bf8a832254c22b1d4baa7cabd83793b9a0edb47f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce7eb005-df5e-4ad5-ab59-6dd5673202b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8915
x-amzn-requestid: c83c95c2-600e-4e2b-bcda-916a57f9f53d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC6HmlIAMF8Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-1678e01c32f054c665efd888;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AI1855uSgfHBqHOM_3xw8_HElfbuvQeFSCEurj8s-yRmUM_7FUrv9g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
etag: "cdd0dd4300113cee0eff7dd9b5fe2c9eb411f07a"
content-type: image/jpeg
age: 30866
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe9d995-0778-4444-81cd-99e5198ac11e.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe9d995-0778-4444-81cd-99e5198ac11e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cfd12f93a2a0efcbdc0aadfc18263e8
93ece0b291bd44a399612b832d8c7e9767ba3ce9
d40ab574038fb1642b0d64b430339552761496a0d0b99e238bb4d4f87e822484
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe9d995-0778-4444-81cd-99e5198ac11e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3953
x-amzn-requestid: e528941a-b54c-4275-bce0-91f4c9dd7f2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0NMpGvxoAMFmRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63918f1d-573aec4e11da97b91c9cd289;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 07:15:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8H9zkAEl6c6vZZhcsH0jTo3p4eTI14wNwpRSnhBLATJ52UIGJBClRg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 06:17:21 GMT
age: 86244
etag: "93ece0b291bd44a399612b832d8c7e9767ba3ce9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab6b11b4-c340-467a-968f-ff8dff9eae90.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab6b11b4-c340-467a-968f-ff8dff9eae90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2c81b67adbfb8bf94378229e1edcfd8
4f8f964aa0b97794efa025d7dab09e802205ab26
1d2eba6d15e288a1ca66f0f3c6c055d7e390323bd0a8c9030ab528499b6503cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab6b11b4-c340-467a-968f-ff8dff9eae90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5851
x-amzn-requestid: 80799fe1-b9bf-4f9d-a5d0-18caae663a7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC5GeFIAMF_SA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-3db2e2d50b3a2a6865b56e3e;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YLsxuwuas79rrcMWXiFPhFxtR9qQhVp763LFbrYsCW6L_R8ZiWr2jA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:28 GMT
age: 30857
etag: "4f8f964aa0b97794efa025d7dab09e802205ab26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
clicks.carbonpath.shop/clicks/iTrack_files/small_and_discrete.png
172.67.180.155 200 OK 4.6 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/small_and_discrete.png
IP 172.67.180.155:0
File type PNG image data, 149 x 150, 8-bit colormap, non-interlaced\012- data
Hash 0321ae8c549c261e5d515434b55874f1
b8628c44bc019b802b21aaf7ef830ff0ed93d9ab
deaf0449940694c6674aab08c1a2cd5624ea98e667f6ea07c6ed1ff4b29eb6f2
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/small_and_discrete.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 4601
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-11f9"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BOAemKw28DYLPw0UEaAW6Tuv9%2F6u82IWjnJ%2B7Cc5C15asGVxiBeYA4etCut2tL%2BC97KxP%2BpGhr8fVS7hi5gsbbaLPSrCsB4gjNe68%2BV6k%2BHx0RzeocKCa1n5qrAvJsnBqg3a%2BSeUKxz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad8533deb3b4f3-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/webfonts/fa-brands-400.woff
172.67.180.155 404 Not Found 162 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/webfonts/fa-brands-400.woff
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/webfonts/fa-brands-400.woff HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack_files/fontawesome-all.min.css
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wtr1pMvmdAJ5fWdSMstLNaUvCLWBvjuNnU4L4H9ZAO9BXTSK3eBJkels5ob2z774zdKpXZGp1o%2F73LSz1m73IYoixKwJRt9pN7hP8T0eD%2BIAamZAprez%2Fi2DX0gpYHr3P1%2BVhcmvWNQw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85331d971c16-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/set_alerts.png
172.67.180.155 200 OK 4.9 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/set_alerts.png
IP 172.67.180.155:0
File type PNG image data, 149 x 150, 8-bit colormap, non-interlaced\012- data
Hash 64ef5f8fde58811d6ea6828050c412c5
1b2a287711e06f70b686c53ba9243340c8e75360
44bf1b46342194be7fc73fb32d31d9c36212b6651c509825e373b4b7d896521e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/set_alerts.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 4856
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-12f8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdY1TTJEqXhRb5TR4k3%2BXpDZpmqpazszJs2L8%2FY0xUswGvSrspmjtKJoKwQUIdZat4dCbVxler3ANY%2FnXF9FJFFRgFHdJXNs%2F1uMfTvGjOWSSMdhnjPzftrR5CiMW4Yb6zAKVbxGvAOc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85340c17b50f-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/any_car.png
172.67.180.155 200 OK 4.9 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/any_car.png
IP 172.67.180.155:0
File type PNG image data, 149 x 150, 8-bit colormap, non-interlaced\012- data
Hash bba6edb84b71a14becd191af4054cefb
d63f14933e1bf187b98bac33b2ab040b20ef4eec
361415d77c8b00cc59c280211cadb83d92e7eafd821cd506c668e166827386a6
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/any_car.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 4888
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1318"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mM8lVkXkep2iiV2OxVsgkkDDzFCGYxeqgLn1igziS8DsvC7E8HvKRqFUMLDub4hyxWuJT1Cr0qSod6baXw%2FBeUfSOrm2EBmchIlKpUVSRiR46eXhv9Ba47FwY2s43wk9kft51e%2B6chnj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85340a580afe-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/webfonts/fa-brands-400.ttf
172.67.180.155 404 Not Found 131 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/webfonts/fa-brands-400.ttf
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/webfonts/fa-brands-400.ttf HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack_files/fontawesome-all.min.css
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktmUfZMnl3L%2BX82qdAvYCILWWWC1BYtc4onlJp5uUP0LuNb50o%2FW7iB7M6rXdHntLNSUIC%2FVi9NXtj5c%2BmnWpuCbICihl6ImHXDJJBROYJ9Im41njgg4JL4VdlSNU23Uyin9t3zw8eoM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad8534fcddb50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/free_access.png
172.67.180.155 200 OK 5.2 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/free_access.png
IP 172.67.180.155:0
File type PNG image data, 149 x 150, 8-bit colormap, non-interlaced\012- data
Hash 62817f297087b34bb3d29dca0ccd8c09
adfeba6771d16eefc05185436dd6bb08d33ac467
4d5b236eb6eb5396cbb0d295a54103c86c3ba02a353a7be1fe7758e967d855db
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/free_access.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 5151
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-141f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjdBvQ3nLifbAbK91T5pI0ksdEFi7ydKVxwOTK%2BMuF8%2FZurHRJlYKPdj3jP7gG4v6viZ4cG3ETeftEC3NAMJVCr%2B0hoGY1HNl6LcP662IZX06SrnVfAmuH9aDaaju2QOn59JH1f%2FVaQG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad8533ef871bfe-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/top_bg.png
172.67.180.155 200 OK 182 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/top_bg.png
IP 172.67.180.155:0
File type PNG image data, 1600 x 360, 8-bit colormap, non-interlaced\012- data
Size 182 kB (182100 bytes)
Hash 5326d166fd0c3b7befc5ed55eaa4542b
26a6dfabd7e33577de394e0959fc9817003bb615
df9dac5f2de99f92fdf5563cf0795992def5651c7f68bbd81c315263c16a118c
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/top_bg.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack_files/style.css
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 182100
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:50:34 GMT
ETag: "6396c12a-2c754"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4dMTyd6ZUDt5xfWRyQW43n%2BtRHWmYmZGIsryYzEDYU84B11tXdkrflcpZrB46RxSCwlBw1FcPjHQByiZpS3dAOB4CO5Bqqx%2FP2CVME3KePvfP6epve7Ld7xEEwh5sQS%2BOzlIR8R89c4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85320dc70af6-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/blank_data/inject.css
172.67.180.155 200 OK 928 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/blank_data/inject.css
IP 172.67.180.155:0
File type ASCII text, with CRLF line terminators
Hash e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/blank_data/inject.css HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack_files/blank.htm
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-f28"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKOLVfK5vd0%2FSSuuw%2FwsU8FizwirU3uggjjj2WY8KX89%2FSx4oS%2FZEj0oa%2FMgasXH17dyIGDE8l9l8J5Lt%2FzzQqcR15P2eWOPrp12iiwvTYr3BPSacYMIMe%2FovLEzi9mb%2BM0Ctwo1oQJP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad8534df26b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/gps_track.png
172.67.180.155 200 OK 88 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/gps_track.png
IP 172.67.180.155:0
File type PNG image data, 543 x 373, 8-bit colormap, non-interlaced\012- data
Hash 833539ad94309373ae997da0282134aa
649fbe66909f754cbbb58af82f2b65a62f974e11
231e97a8d1bedf2c8c15e76a0345ab2002da9621442729973c5e12bca76e28fa
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/gps_track.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 88244
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-158b4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ri1mPGFZPohCAWvs%2F0I0Lod01HR9RnxNGdcD68HCqX%2FcWVwQt6cfSBUMqZw1VVVb6nauZdEt%2Bc5fl3htAZ4854sHYffQvNrwCGyNX56WhORfaclDjlDe%2B9g3hvz0c0xsptZf3%2F0k6o3N"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad8534ee221c16-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/brahim.png
172.67.180.155 200 OK 6.1 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/brahim.png
IP 172.67.180.155:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash b87886205663e0bf0968e5686949a531
ae946736843b6d9b20ff0956977b4fc03da6ca05
f52ab98bd382e27042a046485de7e9f1ab08c3c95db02a3468efd55705385c6c
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/brahim.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 6136
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-17f8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFfZZ6r8WxnUQFkROmYhbeb8fPOHqGwcvMS9FXmat2adL6dmSIBFeIMlR9umCoAtxkRuVXKbSPvL2tZrzTBjyB3hEfdZmu4S7hLRFy9WJQGCRDv3o6ZRZomAanTmRf%2ByxJx2lxmdJYXe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad8535e85b1bfe-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/conclusion_image.png
172.67.180.155 200 OK 123 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/conclusion_image.png
IP 172.67.180.155:0
File type PNG image data, 750 x 420, 8-bit colormap, non-interlaced\012- data
Size 123 kB (122637 bytes)
Hash ee800efe19b89a8e43c719bd7b640937
31cdce78ad1ae08653efa960262c9573b20135c9
33eb021719b2aca56a99fae8ba5d4a017fb002d246e758cc7a55d6d1fa9a8a51
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/conclusion_image.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 122637
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1df0d"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=109tafESID6qZbEug7STCbYnEgXf1Op66fhfPwEjzhOolUpkXiJyK1c1X5V8hefjY%2BkoJzGxCUFFEb17eCmSW5yzVgCmH55tX5Rwe2BHe6pr0UUkKUctrIAB6r6wkWQ2Bz%2FTtKJv87qY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad8535ed8db50f-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/zarisa_del.png
172.67.180.155 200 OK 5.8 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/zarisa_del.png
IP 172.67.180.155:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash 249b777e4fa6987cf5cce44f74423a20
91bebe21d5536a25783c437e6ccea0a7244872ca
f13251a8da4d9812bdbf9913ec11f448fdb47235683b9aa3df299cd869b44412
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/zarisa_del.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 5822
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-16be"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpG7ynY71U%2FKOSCLioRMqrSaeF7qOWVwh8eQVC5vRu%2B9sSqZDoUD7Tr8HS3EKDWph0bzxJy7LGdR716%2FjDxoz9xcwJSCzZ8u9vQ%2Ft4Tg1LG34fmmDjOm5Nr7Iq6yjs8qPpvZ%2BT2iVuey"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad8536a82ab4f3-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/hurry_image.png
172.67.180.155 200 OK 59 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/hurry_image.png
IP 172.67.180.155:0
File type PNG image data, 750 x 480, 8-bit colormap, non-interlaced\012- data
Hash 765192cad7f03e050291bf5f97298d40
38dd0b500aaa6e9e9d268cbb572a58c0aaa74e15
3aa8f081ed82aad1900fab8eebfca8d7abd383a439abe63a5913146f067b070b
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/hurry_image.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 59232
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-e760"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64EY%2Ff5scUba4s6PKS5tJL9098wP5adM4dLtugoADtiLwTizomJLrX%2FmXiKzroZi3uOzaYYy5YUjkjyd1g3LnrZFrNjaNa0bysPsOe7uwliY1IPqzXdpdZb9WAmNpNYu1yvezLUMYQ01"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad8534faab0afe-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/amine_user.png
172.67.180.155 200 OK 6.0 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/amine_user.png
IP 172.67.180.155:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash 134488bacacf9b44edaf989d6bfcad1c
3ac624c103eb4dfef65dc7e5a823f1b311794fcd
4db2e068c0287ae9aae0eb22620cb8e14c74cc67e42d08b543f94be336011c06
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/amine_user.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 6024
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1788"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qY1DMzHW%2B9oBAZYX2HG%2F6CV%2BMEZiaWe4IYKklYbgoa7M0wVi3sTkf0tObtRQ4coV9HIvbfNLABSQ%2BiSu7TL7h7ge9yA5JPCrji8e1Sf5ihpjmPuOe2xBAe2puK8kPKwZX09lTBYm3B%2Bh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85378f051c16-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/amine_image_mes.jpg
172.67.180.155 200 OK 75 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/amine_image_mes.jpg
IP 172.67.180.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x750, components 3\012- data
Hash be0a7541ada8c899dc75f11e4ce3f899
02a7fa2dac12839ee392cfd86f91edb2603078c9
709c26aac82d281592c7232c943a43bcb769562dea67359d19960b3c99d12f57
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/amine_image_mes.jpg HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/jpeg
Content-Length: 74977
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-124e1"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTBEU26zK9kjqW8fGCclRcTCDyP7v5n9TsKpzjB0sdT14OBofTc14%2FwjXIt96AzKmEcBzxa0XocmeYtsLka6Uc3twgub6qsZf3DU9VxHYAaUbiMqRfwrJMwQM5F9MIpDO5dQdVIVlMta"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad8537a8f71bfe-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/green_b_sm.jpg
172.67.180.155 200 OK 44 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/green_b_sm.jpg
IP 172.67.180.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 29394dd07fd148ebdb5c4d5d96eb4db5
1175a269be794310e83dc07f1b150b57690c73d4
451e5ac2beaf6d1c0f51da43556324f1197d7e21aa4fb100e8ea7c5a9090612c
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/green_b_sm.jpg HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/jpeg
Content-Length: 44000
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-abe0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpdDVey%2BNh8Nviql1W%2FH8Pn7tISeD%2F0R3bvxZmwjZOIrA4L5x%2FoIjtmS5yxloG7R139wtcrMxpNMfSUn6ykoWwvl5mpOYZGtDycGG98AI%2B382SZ9SZKhwRDC68XMrXRhKwraDhyioC2i"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85369f900af6-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/sisi.png
172.67.180.155 200 OK 6.0 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/sisi.png
IP 172.67.180.155:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash ce2a05cd7f9e6d28e3b9e40fd203174b
416c50090b454770f13ebab74142896b6ba7ab97
0473da3eb3015c81e346a4b576dbc6a0623d3c7d4d8daa7bbf260f0662f09024
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/sisi.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:45 GMT
Content-Type: image/png
Content-Length: 6021
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1785"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVLEYRk0wbD1NBBobHZEIKljP6vqVoNlL6rBiAQsQ7lHiymaakUiNbiqjBlDygXTi5zlmX1IeOFQh6%2FhHxEQBDAixdktmBFbk8ISL1jvfsYyWpC8zuigObseJvbIaXdoaz41oRRjHu7l"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85388928b4f3-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/nabil_user.png
172.67.180.155 200 OK 6.9 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/nabil_user.png
IP 172.67.180.155:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash c8d699c779a55f472c20c39932a01e29
69fee4363c7af8384ae76e9de8c0a56ad3728a0e
9e73f77be494e8d8ca35cba7f00897dcceb5b145734f4a9028aa6e8bd9f22b86
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/nabil_user.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:46 GMT
Content-Type: image/png
Content-Length: 6887
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1ae7"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aldVkYYOJodgTh3%2BcrGqghMWQwLlvP1AaMCGZupysAsklax%2BHq4zIMGHpdleqnm1YG%2FNZFoDc0ro3nab02g5t1fnv5ccsO29cjSPPTbR8ajzHY4W3tAOOz9RC9AAEF6Z2Us1BxHcJggO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad8537bed6b50f-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/jenny_user.png
172.67.180.155 200 OK 7.2 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/jenny_user.png
IP 172.67.180.155:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash 8418f3a855bb1648809b2d4afa5a8fdb
f9f832dbe7054763b3a873e43b77a32a9023157c
0aa5489dcf4270f744437f912baf36538f1d54d04face93dfd4a740c3d306a94
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/jenny_user.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:46 GMT
Content-Type: image/png
Content-Length: 7170
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1c02"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRdNBZPE%2BMQIMtOU759EJcTuCxdmMDFweAPXDJeBgmGvrVPgesDbAoSOnjOG8DBmE76ZPHHYIsOKQpDwdoIZ09g34shxDAE045tSV0oI%2FjtAeRg0crasZL1niy2XnkpvVaE1eq1B0pIW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85395f8d1c16-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/images/ul_stile_img.png
172.67.180.155 404 Not Found 131 B URL HTTP/1.1 clicks.carbonpath.shop/clicks/images/ul_stile_img.png
IP 172.67.180.155:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/images/ul_stile_img.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack_files/style.css
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 06:14:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrlmW8%2FK4Dhve39SS4vfr4EPYGHjKCS9k%2FdMnrwEUV5GB5NnqffGgp%2FkEE%2FrtuI%2FmhBma99Cl26%2BcUBXmeB2kGyqa%2FHWWDjAwAQ9YHvwiNJVjwQjDVs6i5pfzfJH7Gxd7%2F6EJO2pIeGA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad853979bab4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/sara_user.png
172.67.180.155 200 OK 6.4 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/sara_user.png
IP 172.67.180.155:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash 1c0a3ca0873745fcfab45ab10baa42e7
ffa7619c6ad70cc86706274581fc834ac5a80d40
1516c7f4d64bf52f28fb9310908dde2357ebe9e34a431d2eb00c3ac5ce0c0b96
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/sara_user.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:46 GMT
Content-Type: image/png
Content-Length: 6414
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-190e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jpxd75GXSg3uvybG0AjmH4lCYo%2F4NHXb34Yqdr%2BjxNOYt9SimQ7S8Z0suW%2BcPOwyglY%2FpxR%2BtSEAM6EIChrPP%2FLCHYQnlPMQbiF9BvctQL4olcNpaEVA4GCXmh6HAyWlI1KcoWU4uwAB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85389bcd0afe-OSL
alt-svc: h2=":443"; ma=60
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 17 Dec 2022 04:41:08 GMT
expires: Sat, 17 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 5618
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
clicks.carbonpath.shop/clicks/iTrack_files/jenny_b_sm.png
172.67.180.155 200 OK 79 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/jenny_b_sm.png
IP 172.67.180.155:0
File type PNG image data, 610 x 400, 8-bit colormap, non-interlaced\012- data
Hash cc292e7fc0a14c3ba375cf40810298dd
7da3885b8376a06f38b328972180cd9df713dbd7
d74b039e6cc013d8cf139ac882572278a534bf9749da080c2471b3c769071fdf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/jenny_b_sm.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:46 GMT
Content-Type: image/png
Content-Length: 79275
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-135ab"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8w1vTDkphAtDDHczC74aaK0qnT%2Fb5soudEm%2Fe3uX12Z0XNP9P%2BqGkJpmGpewiwygeAsVcNLo4lg9%2FGoJf4VPHsrs%2FcJdlsPoJul56xUrNy5TzpMoM5RkS3jHjkV4RR30yRkKgzpjY6Ce"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad85396a051bfe-OSL
alt-svc: h2=":443"; ma=60
clicks.carbonpath.shop/clicks/iTrack_files/win.png
172.67.180.155 200 OK 22 kB URL HTTP/1.1 clicks.carbonpath.shop/clicks/iTrack_files/win.png
IP 172.67.180.155:0
File type PNG image data, 300 x 384, 8-bit colormap, non-interlaced\012- data
Hash 0c80602d00c6e811d591527c6d879b6a
6f7740f4170a46c9f01743fc964f5e0ee573fc0b
a6b41a873b54b0d8fcac150fac65446002149d9fed53248f48ce4864457adbab
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/iTrack_files/win.png HTTP/1.1
Host: clicks.carbonpath.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/clicks/iTrack.php?sid=1001038&h=fp5t_ca8dkgeta5maty10xvgdjf7xuvkwflcnjmo9ai/oy1opfba3acuy80xa-iiiw3-5zie61s-o_pq2r3ueu1qamwpu0h3pyzgb7eqj7885xzjxqv4fjr7whpdztcyia
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 06:14:46 GMT
Content-Type: image/png
Content-Length: 22413
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-578d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bwzj7E%2BqdLw2fRrys%2FOXwmM648LH7%2FntPihwEEKxyQwx6AJZWI3otg6Rnxetq5JkwKlQKfyOoA%2FvHL88FCKn%2F8xb%2BR7uuWxSY53POQjIktppuDbbWpr6FEI2HmCEcen173ozMJYAaT0w"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ad853978710af6-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1454804260.1671257683&jid=1616621648&gjid=1603364616&_gid=1962128680.1671257683&_u=YEBAAUAAAAAAACAAI~&z=643732166
209.85.233.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1454804260.1671257683&jid=1616621648&gjid=1603364616&_gid=1962128680.1671257683&_u=YEBAAUAAAAAAACAAI~&z=643732166
IP 209.85.233.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1454804260.1671257683&jid=1616621648&gjid=1603364616&_gid=1962128680.1671257683&_u=YEBAAUAAAAAAACAAI~&z=643732166 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://clicks.carbonpath.shop
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://clicks.carbonpath.shop
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 17 Dec 2022 06:14:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c8a49c10c60b31f85897b10f4ec4cf83
a36d1f2e9c383be9d1e8f3582e4245848c737942
96090cb245f690b7cc9a8b4cd11b6fbb1eede6e139f3a5485c8e58196024e7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1454804260.1671257683&jid=1616621648&_u=YEBAAUAAAAAAACAAI~&z=1261283185
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1454804260.1671257683&jid=1616621648&_u=YEBAAUAAAAAAACAAI~&z=1261283185
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1454804260.1671257683&jid=1616621648&_u=YEBAAUAAAAAAACAAI~&z=1261283185 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 06:14:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1454804260.1671257683&jid=1616621648&_u=YEBAAUAAAAAAACAAI~&z=1261283185
216.58.207.228 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1454804260.1671257683&jid=1616621648&_u=YEBAAUAAAAAAACAAI~&z=1261283185
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash MD5 d89746888da2d9510b64a9f031eaecd5
Hash SHA-1 d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Hash SHA-256 ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1454804260.1671257683&jid=1616621648&_u=YEBAAUAAAAAAACAAI~&z=1261283185 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 06:14:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 6cd3c8548b8811b213e85df0a3b1a014
Hash SHA-1 e90bbfcdfbb6d3166d9d048779953d8fecf27ae5
Hash SHA-256 930971c486433cee86cb510d32fb871db02ba77b3b811a03f9318d60f34b0bcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "930971C486433CEE86CB510D32FB871DB02BA77B3B811A03F9318D60F34B0BCB"
Last-Modified: Thu, 15 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 17 Dec 2022 12:14:46 GMT
Date: Sat, 17 Dec 2022 06:14:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash MD5 8b1f3ab941f9af9d95c8b8de3919330c
Hash SHA-1 581032c8d194a696e353070d25165321504c0176
Hash SHA-256 852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hqgeeks.com/iTrack/images/favicon.png
207.154.203.102 200 OK 8.9 kB URL HTTP/1.1 hqgeeks.com/iTrack/images/favicon.png
IP 207.154.203.102:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash MD5 4be60e63e7201b661538faf13c00e2ea
Hash SHA-1 6150961b23b2e17cf687bfa6bbba11d5903b4a5f
Hash SHA-256 ce01a9239bd33f9b872257b8cd789396114fdbf463bbbb87fa51364de989e079
GET /iTrack/images/favicon.png HTTP/1.1
Host: hqgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://clicks.carbonpath.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 17 Dec 2022 06:14:46 GMT
Content-Type: image/png
Content-Length: 8850
Last-Modified: Tue, 06 Mar 2018 16:07:50 GMT
Connection: keep-alive
ETag: "5a9ebcd6-2292"
Expires: Fri, 17 Mar 2023 06:14:46 GMT
Pragma: public
Cache-Control: max-age=7776000, public
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 b56a3548738502fa3cc2d975411a7900
Hash SHA-1 e6584e903da8e7e6062fd14d0c927495f6819b83
Hash SHA-256 8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 06:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F631cb6d2-ac62-4b2c-8cf0-7c83deae0f02.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F631cb6d2-ac62-4b2c-8cf0-7c83deae0f02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 ac96a0cab4c96df122836bceb4850207
Hash SHA-1 661d83a82eadfe8b2582a0550f6f1fd8af550695
Hash SHA-256 a611f9d423d24a7461aea0d50d8bf1730ac24ab368f5f240349fa983a670fa03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F631cb6d2-ac62-4b2c-8cf0-7c83deae0f02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4922
x-amzn-requestid: 2d4d89a2-5ac9-40e5-9a5e-9bbcf2c3708b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dOj89G7UoAMFeWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639c19ec-2472c71330e0a5ae08fea9f4;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 07:10:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LEJlE4T5uEsDprOHhOTAeEG_tNxYttx13OOmtHAD9iRGpZsLbrkLyQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 30872
etag: "661d83a82eadfe8b2582a0550f6f1fd8af550695"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2