Report - daughablelea.com/s?518fe1b2

Report Overview

Visitedpublic

2024-12-15 03:15:42

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
d1tafuajjg33f8.cloudfront.net	unknown	2008-04-25	2024-12-09	2024-12-09	417 B	69 kB	54.230.241.83
bineukdwithme.com	unknown	2024-11-07	2024-12-09	2024-12-09	1.0 kB	1.9 kB	172.67.183.159
daughablelea.com	unknown	2024-01-01	2024-09-23	2024-12-06	978 B	104 kB	104.21.56.50
ukankingwithea.com	unknown	2024-01-01	2024-09-05	2024-12-11	862 B	104 kB	0.0.0.0
dfdgfruitie.xyz	unknown	2022-08-22	2022-12-12	2024-12-11	411 B	926 B	104.21.13.114
fingerprinting36542.s3.us-east-1.amazonaws.com	unknown	2005-08-18	2024-12-09	2024-12-09	968 B	40 kB	52.216.216.242
yfueuktureu.com	unknown	2024-01-01	2024-08-02	2024-12-11	510 B	1.2 kB	172.67.132.181
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-11	522 B	8.7 kB	216.58.207.227
undefined	142677	unknown	2020-01-28	2024-12-11	974 B	0 B	0.0.0.0
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-11	940 B	17 kB	142.250.74.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-14	medium	undefined	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	d1tafuajjg33f8.cloudfront.net/?tid=1088235	ScriptElement	225 kB	2024-12-15	2024-12-15
URL d1tafuajjg33f8.cloudfront.net/?tid=1088235 IP / ASN 54.230.241.83 #16509 AMAZON-02 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-15 Last Seen 2024-12-15 Times Seen 1 Size 225 kB (224706 bytes) MD5 bdf95cb4bf59ef1cc90059a45bf15245 SHA1 eaac512880347b4b2d734d70f6bde21f914a47e6 SHA256 4646318969f26881be22c7557044fe7b8cb735da28e639f0757f38c01cd17839 Format Code Loading...

	fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js	ScriptElement	38 kB	2024-12-09	2025-08-03
URL fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js IP / ASN 52.216.216.242 #16509 AMAZON-02 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-09 Last Seen 2025-08-03 Times Seen 412 Size 38 kB (38143 bytes) MD5 9ac06ba71cc5803c7515b3e8c3a2854d SHA1 03ba918aad85dda720c6f46267eb4fba9103aac3 SHA256 6cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd Format Code Loading...

	dfdgfruitie.xyz/adserver/yzfdmoan.js	ScriptElement	0 B	0001-01-01	2025-08-04
URL dfdgfruitie.xyz/adserver/yzfdmoan.js IP / ASN 104.21.13.114 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 0001-01-01 Last Seen 2025-08-04 Times Seen 5648503 Size 0 B (0 bytes) MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Format Code Loading...

	fingerprinting36542.s3.us-east-1.amazonaws.com/loadFingerPrint.js	ScriptElement	653 B	2024-12-09	2025-08-03
URL fingerprinting36542.s3.us-east-1.amazonaws.com/loadFingerPrint.js IP / ASN 52.216.216.242 #16509 AMAZON-02 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-09 Last Seen 2025-08-03 Times Seen 317 Size 653 B (653 bytes) MD5 6c2ea9c45e0053e2d4fe3eaeada5d896 SHA1 e5ec1f9cf5dceded1d58900137c9ecdea4fca4d6 SHA256 6b3e0f4edb818818625ffb8ede90fea90a9778c7516bec1d197fed877d5d37e2 Format Code Loading...

	daughablelea.com/s?518fe1b2	ScriptElement	92 kB	2024-12-15	2024-12-15
URL daughablelea.com/s?518fe1b2 IP / ASN 104.21.56.50 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2024-12-15 Last Seen 2024-12-15 Times Seen 1 Size 92 kB (92455 bytes) MD5 f7f9c56c2061a9d19a6c632750124289 SHA1 9729974f0dbd8d880e2de52709e1a0a97643f3f4 SHA256 09242c2398f412b2bda92d6a03ce9e78a1e3ec267aa29d850ec0ba1ac69269a0 Format Code Loading...

HTTP Transactions (15)

URL IP Response Size

GET dfdgfruitie.xyz/adserver/yzfdmoan.js

104.21.13.114

200 OK

0 B

URL GET HTTPS

dfdgfruitie.xyz/adserver/yzfdmoan.js

IP / ASN

104.21.13.114

#13335 CLOUDFLARENET

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-04

Times Seen5648503

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectdfdgfruitie.xyz

Fingerprint59:9A:52:D1:BE:14:69:D3:AF:93:CC:88:52:E4:38:E6:08:E9:1A:D1

ValidityWed, 20 Nov 2024 21:43:53 GMT - Tue, 18 Feb 2025 21:43:52 GMT

HTTP Headers

GET /adserver/yzfdmoan.js HTTP/1.1
Host: dfdgfruitie.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Dec 2024 03:15:18 GMT
content-type: application/x-javascript
content-length: 0
last-modified: Fri, 03 Feb 2023 19:26:28 GMT
etag: "63dd5fe4-0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2028
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WholnlLECOCKF9urBVZ3%2FHn8W6fgiq3vw77tFSe0YXYdf8MDMMaEntLKCD8RM%2Be7OV0A7LfhBzriLQcCpv9m77LQ0%2BLEswEuRz4Y2HKBs%2FYKNsdclaKHnB7N4OAi5k%2FtcdE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f2344b59c8b56c5-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=552&min_rtt=439&rtt_var=244&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3209&recv_bytes=1067&delivery_rate=6798122&cwnd=253&unsent_bytes=0&cid=6b16bf182f1dba4d&ts=33&x=0"
X-Firefox-Spdy: h2

GET d1tafuajjg33f8.cloudfront.net/?tid=1088235

54.230.241.83

200 OK

68 kB

URL GET HTTPS

d1tafuajjg33f8.cloudfront.net/?tid=1088235

IP / ASN

54.230.241.83

#16509 AMAZON-02

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeJavaScript source, ASCII text, with very long lines (1741)

First Seen2024-12-15

Last Seen2024-12-15

Times Seen1

Size68 kB (68165 bytes)

MD5bdf95cb4bf59ef1cc90059a45bf15245

SHA1eaac512880347b4b2d734d70f6bde21f914a47e6

SHA2564646318969f26881be22c7557044fe7b8cb735da28e639f0757f38c01cd17839

Certificate Info

IssuerAmazon

Subject*.cloudfront.net

Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62

ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

HTTP Headers

GET /?tid=1088235 HTTP/1.1
Host: d1tafuajjg33f8.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 68165
date: Sun, 15 Dec 2024 03:15:18 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4M1Fv5-_w39n2CjP1XZnvrWRFY6sLlZTa4Zt1UzltOWP9GW-Jkbvnw==
X-Firefox-Spdy: h2

GET bineukdwithme.com/a3ZuRVBESQ02bSYxChwdLD8oED0uMjkyGjwUGSEDKTAgIhMtM0gxOQ9LX3VoU0RdcHYbHwp4Y15QHTExHwMdeGFNHwAjP1ZQGHhgRUBAcX5aUBt4YU0CHiQ3VkdINSQfGlN0Z1hCXHZiXkdWdmZe

172.67.183.159

204 No Content

0 B

URL GET HTTPS

bineukdwithme.com/a3ZuRVBESQ02bSYxChwdLD8oED0uMjkyGjwUGSEDKTAgIhMtM0gxOQ9LX3VoU0RdcHYbHwp4Y15QHTExHwMdeGFNHwAjP1ZQGHhgRUBAcX5aUBt4YU0CHiQ3VkdINSQfGlN0Z1hCXHZiXkdWdmZe

IP / ASN

172.67.183.159

#13335 CLOUDFLARENET

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-04

Times Seen5648503

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectbineukdwithme.com

FingerprintAE:31:C5:0C:C4:68:23:D6:5A:7F:94:04:6E:D8:51:9A:C6:3F:78:63

ValidityFri, 08 Nov 2024 06:42:45 GMT - Thu, 06 Feb 2025 06:42:44 GMT

HTTP Headers

GET /a3ZuRVBESQ02bSYxChwdLD8oED0uMjkyGjwUGSEDKTAgIhMtM0gxOQ9LX3VoU0RdcHYbHwp4Y15QHTExHwMdeGFNHwAjP1ZQGHhgRUBAcX5aUBt4YU0CHiQ3VkdINSQfGlN0Z1hCXHZiXkdWdmZe HTTP/1.1
Host: bineukdwithme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 15 Dec 2024 03:15:18 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2%2BvTnd9xziwiRa%2BZrHFu7wafy%2F1kKMTwSSdEQeyv0rfONXJbPfAHmPz1Zj4BUdqRfsGcvjB%2FEMKrcXJ9pdGKuMzTsXxkcP8Kaud1RnXxbdX%2F9eJlHzAVmF%2FkOaivV0XbwXj0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f2344b84920b4eb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=609&min_rtt=508&rtt_var=221&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3214&recv_bytes=1190&delivery_rate=7438356&cwnd=254&unsent_bytes=0&cid=8e6f5eeaf932eebb&ts=157&x=0"
X-Firefox-Spdy: h2

GET bineukdwithme.com/popunder.gif

172.67.183.159

200 OK

58 B

URL GET HTTPS

bineukdwithme.com/popunder.gif

IP / ASN

172.67.183.159

#13335 CLOUDFLARENET

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeGIF image data, version 89a, 1 x 1

First Seen2023-04-05

Last Seen2025-08-04

Times Seen24136

Size58 B (58 bytes)

MD528d6814f309ea289f847c69cf91194c6

SHA10f4e929dd5bb2564f7ab9c76338e04e292a42ace

SHA2568337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Certificate Info

IssuerGoogle Trust Services

Subjectbineukdwithme.com

FingerprintAE:31:C5:0C:C4:68:23:D6:5A:7F:94:04:6E:D8:51:9A:C6:3F:78:63

ValidityFri, 08 Nov 2024 06:42:45 GMT - Thu, 06 Feb 2025 06:42:44 GMT

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: bineukdwithme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 15 Dec 2024 03:15:18 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 477596
last-modified: Mon, 09 Dec 2024 14:35:22 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k9IoT40gszD7D%2B5cBlWV0Bu6dN9VrWkgLl%2FBwTTUSq%2F0utY%2FliwUng3nodWOX3qL7RKyfetl8G7KVVzHEzpLbbZ1xYDOpJYfn2t0jB%2FiUHzRWWCCRc1fUmmAeZ3m47MXdWPxmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f2344ba6938b4ee-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4301&min_rtt=1758&rtt_var=2476&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4128&recv_bytes=1198&delivery_rate=334994&cwnd=12000&unsent_bytes=0&cid=a10fcfe07db910a9&ts=211&x=1", cfExtPri, cfHdrFlush;dur=0

GET fingerprinting36542.s3.us-east-1.amazonaws.com/loadFingerPrint.js

52.216.216.242

200 OK

653 B

URL GET HTTPS

fingerprinting36542.s3.us-east-1.amazonaws.com/loadFingerPrint.js

IP / ASN

52.216.216.242

#16509 AMAZON-02

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeASCII text

First Seen2024-12-09

Last Seen2025-08-03

Times Seen317

Size653 B (653 bytes)

MD56c2ea9c45e0053e2d4fe3eaeada5d896

SHA1e5ec1f9cf5dceded1d58900137c9ecdea4fca4d6

SHA2566b3e0f4edb818818625ffb8ede90fea90a9778c7516bec1d197fed877d5d37e2

Certificate Info

IssuerAmazon

Subjects3.amazonaws.com

FingerprintE8:B4:46:AB:CF:F8:1A:F9:65:3F:DD:AD:F3:14:03:B8:A9:44:A2:1F

ValidityMon, 18 Nov 2024 00:00:00 GMT - Fri, 07 Nov 2025 23:59:59 GMT

HTTP Headers

GET /loadFingerPrint.js HTTP/1.1
Host: fingerprinting36542.s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daughablelea.com
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: VMHpfu6vin59MNZ1GEo7HzSAW09II4fm4j9wJCTzV3fh0Ojp4tsdua2edyZDds2VRZ73dyEhvCI=
x-amz-request-id: BPZ8TWST4F3DFEXZ
Date: Sun, 15 Dec 2024 03:15:20 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Mon, 09 Dec 2024 12:05:18 GMT
ETag: "6c2ea9c45e0053e2d4fe3eaeada5d896"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 653
Server: AmazonS3

GET fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js

52.216.216.242

200 OK

38 kB

URL GET HTTPS

fingerprinting36542.s3.us-east-1.amazonaws.com/fingerprint.js

IP / ASN

52.216.216.242

#16509 AMAZON-02

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (38136), with no line terminators

First Seen2024-12-09

Last Seen2025-08-03

Times Seen412

Size38 kB (38143 bytes)

MD59ac06ba71cc5803c7515b3e8c3a2854d

SHA103ba918aad85dda720c6f46267eb4fba9103aac3

SHA2566cf24eed847d975853348f50d95b192ac37a4c49e96d8888af6dd2e15631a1fd

Certificate Info

IssuerAmazon

Subjects3.amazonaws.com

FingerprintE8:B4:46:AB:CF:F8:1A:F9:65:3F:DD:AD:F3:14:03:B8:A9:44:A2:1F

ValidityMon, 18 Nov 2024 00:00:00 GMT - Fri, 07 Nov 2025 23:59:59 GMT

HTTP Headers

GET /fingerprint.js HTTP/1.1
Host: fingerprinting36542.s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daughablelea.com
DNT: 1
Connection: keep-alive
Referer: https://fingerprinting36542.s3.us-east-1.amazonaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: hVxyrJiDPRqEWSwKngXfVAdM5CYGz00PSPh4U8OaFow+0J5i1pv0HDHI/QQe2K8UlbLvybL+rC4=
x-amz-request-id: BPZ3JTSGJFWVMNSP
Date: Sun, 15 Dec 2024 03:15:20 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Mon, 09 Dec 2024 12:08:59 GMT
ETag: "9ac06ba71cc5803c7515b3e8c3a2854d"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 38143
Server: AmazonS3

GET daughablelea.com/favicon.ico

104.21.56.50

404 Not Found

7.1 kB

URL GET HTTPS

daughablelea.com/favicon.ico

IP / ASN

104.21.56.50

#13335 CLOUDFLARENET

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-07

Last Seen2025-08-03

Times Seen769

Size7.1 kB (7098 bytes)

MD5707a6bf80b2aae914a3475cb829e534b

SHA12e70d81cf7a8b2c2bf66521e720969d1e92f3819

SHA25620703cc00e86bed52bb9af00fac1cbd8c3dc16c2866b7251288325f1501c8755

Certificate Info

IssuerGoogle Trust Services

Subjectdaughablelea.com

Fingerprint42:87:D9:C4:59:06:62:DB:DB:1E:B1:D2:A1:EC:E4:03:1D:08:12:F1

ValidityThu, 21 Nov 2024 13:31:02 GMT - Wed, 19 Feb 2025 13:31:01 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: daughablelea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/s?518fe1b2
Cookie: uid=ela33MBoV3qNpQetBEEErrwCeDr26k1V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sun, 15 Dec 2024 03:15:18 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KYhFJG5IL2llMTj%2FoAv8ed2sxbxO0zWO%2BYMUC8aC45YwQ0T6dAe9%2BlAbi0U4qrc0%2BEPY2JJcZRkSahzS%2FD%2BXKnKMi2M6a31cVFKiWLvNDYPmA3jj%2FJbxVQQhicvngPD3hU0J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f2344b51e035695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5401&min_rtt=1249&rtt_var=3434&sent=12&recv=6&lost=0&retrans=0&sent_bytes=4076&recv_bytes=1130&delivery_rate=471348&cwnd=12000&unsent_bytes=0&cid=3bf036ca670df334&ts=927&x=1", cfExtPri, cfHdrFlush;dur=0

POST yfueuktureu.com/tc

172.67.132.181

200 OK

0 B

URL POST HTTPS

yfueuktureu.com/tc

IP / ASN

172.67.132.181

#13335 CLOUDFLARENET

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-04

Times Seen5648503

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoogle Trust Services

Subjectyfueuktureu.com

Fingerprint83:69:22:BD:D6:7B:2C:F9:25:08:DE:B9:10:B2:3E:B5:0F:DC:BD:63

ValidityWed, 27 Nov 2024 10:36:16 GMT - Tue, 25 Feb 2025 10:36:15 GMT

HTTP Headers

OPTIONS /tc HTTP/1.1
Host: yfueuktureu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://daughablelea.com/
Origin: https://daughablelea.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Dec 2024 03:15:19 GMT
content-type: application/json
content-length: 0
set-cookie: ci=305582426155464; Max-Age=86400; Secure; SameSite=None
access-control-allow-origin: https://daughablelea.com
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y54cn14PjAk4moKef9JJVtnvVYm%2BBbojuQXLyIzD3K%2BArgAltcYMTBIyo6XbjnWQ8ZybKLSplJffGKPpYVcwN1b3dDdJZlZKUjoLjTW%2BtcT2ybE%2B7M%2Bh%2F%2Fe9dj2%2FrGB%2BjFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f2344be3c611c16-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1043&min_rtt=530&rtt_var=994&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3209&recv_bytes=1143&delivery_rate=7688495&cwnd=254&unsent_bytes=0&cid=9fe65d7f9af63cdd&ts=258&x=0"
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTPS

fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

IP / ASN

216.58.207.227

#15169 GOOGLE

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 7884, version 1.0

First Seen2023-04-05

Last Seen2025-08-04

Times Seen104634

Size7.9 kB (7884 bytes)

MD59212f6f9860f9fc6c69b02fedf6db8c3

SHA1ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b

SHA2567d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79

ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

HTTP Headers

GET /s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://daughablelea.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Dec 2024 04:15:23 GMT
expires: Sun, 14 Dec 2025 04:15:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
age: 82797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET daughablelea.com/s?518fe1b2

104.21.56.50

200 OK

95 kB

URL User Request GET HTTPS

daughablelea.com/s?518fe1b2

IP / ASN

104.21.56.50

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (61248)

First Seen2024-12-15

Last Seen2024-12-15

Times Seen1

Size95 kB (95426 bytes)

MD5d01cdd05e23136b337fe487c2bfca4f9

SHA17a1221963a7f7d75622519ce664a9fb1dfd1f742

SHA256fa5fc95a2155b68d66381b3745eb92fac2f2eb1658f5024f0934bbc31c729ac0

Certificate Info

IssuerGoogle Trust Services

Subjectdaughablelea.com

Fingerprint42:87:D9:C4:59:06:62:DB:DB:1E:B1:D2:A1:EC:E4:03:1D:08:12:F1

ValidityThu, 21 Nov 2024 13:31:02 GMT - Wed, 19 Feb 2025 13:31:01 GMT

HTTP Headers

GET /s?518fe1b2 HTTP/1.1
Host: daughablelea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Dec 2024 03:15:17 GMT
content-type: text/html
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
set-cookie: uid=ela33MBoV3qNpQetBEEErrwCeDr26k1V; expires=Mon, 15 Dec 2025 03:15:17 GMT; Path=/; Secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ymGtvEF8QhKWn%2BUDNVQU%2FoyqMW1CuTacN%2FqmCB0P3pjdKbf9V0zZMA8gvtaZ1WMnwPyPyZ4ffXdkDQ4SnHUOCxTyBi5euTWJLYOqbPLHDRi9Fw0suc5%2BgdHPGp0TOq8cXq%2Bv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f2344af1c0fb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5667&min_rtt=515&rtt_var=10348&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3287&recv_bytes=1255&delivery_rate=7702127&cwnd=254&unsent_bytes=0&cid=90500f4c8664e77e&ts=256&x=0"
X-Firefox-Spdy: h2

GET undefined/NzNwRVlWURMoZlYOEmMsRV9NYGtxFkIDPQZHESMsVlkaImoEVUhrOltcBSE/RVweMXdZVgRga3EGIihtB2Y0JjV2ZR93GnN6OBAeB3QUKQB6ahcXI2R2ISwMXnEkEB1xcDkUA2F+HDYzdl81PR5kZjISAW1XPhQfVnoxKmF8WD09AH8LPhMgeUkyESlfcR4iaGR2MTQMBEcVADNPZDsEMn1XHAw2c2IcLRxkUDsTNAd3KQcpcmNBPW5wAh91DF5yOBIzYWcpBy1hUSYqKXF1QH0OTlc8BzFucBEDbWVqFyEscVQmLRxZZgMADn57OyI9VnklfDNvcl0UNnMAMT0YWmIjIQpAYSkiOgd0MgMzU11JHB5achUcaEB2PnQQW3EmMWh1YjImG3B2OCE1D3YpFxMHaxwMbGVgPQwOTlQjIRpQfSotNQVgNQMtdVRWLypYXQB4I3NEERJgVFADARpjZiYKKg

0.0.0.0

0 B

URL GET HTTP

undefined/NzNwRVlWURMoZlYOEmMsRV9NYGtxFkIDPQZHESMsVlkaImoEVUhrOltcBSE/RVweMXdZVgRga3EGIihtB2Y0JjV2ZR93GnN6OBAeB3QUKQB6ahcXI2R2ISwMXnEkEB1xcDkUA2F+HDYzdl81PR5kZjISAW1XPhQfVnoxKmF8WD09AH8LPhMgeUkyESlfcR4iaGR2MTQMBEcVADNPZDsEMn1XHAw2c2IcLRxkUDsTNAd3KQcpcmNBPW5wAh91DF5yOBIzYWcpBy1hUSYqKXF1QH0OTlc8BzFucBEDbWVqFyEscVQmLRxZZgMADn57OyI9VnklfDNvcl0UNnMAMT0YWmIjIQpAYSkiOgd0MgMzU11JHB5achUcaEB2PnQQW3EmMWh1YjImG3B2OCE1D3YpFxMHaxwMbGVgPQwOTlQjIRpQfSotNQVgNQMtdVRWLypYXQB4I3NEERJgVFADARpjZiYKKg

IP / ASN

0.0.0.0

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-04

Times Seen5648503

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /NzNwRVlWURMoZlYOEmMsRV9NYGtxFkIDPQZHESMsVlkaImoEVUhrOltcBSE/RVweMXdZVgRga3EGIihtB2Y0JjV2ZR93GnN6OBAeB3QUKQB6ahcXI2R2ISwMXnEkEB1xcDkUA2F+HDYzdl81PR5kZjISAW1XPhQfVnoxKmF8WD09AH8LPhMgeUkyESlfcR4iaGR2MTQMBEcVADNPZDsEMn1XHAw2c2IcLRxkUDsTNAd3KQcpcmNBPW5wAh91DF5yOBIzYWcpBy1hUSYqKXF1QH0OTlc8BzFucBEDbWVqFyEscVQmLRxZZgMADn57OyI9VnklfDNvcl0UNnMAMT0YWmIjIQpAYSkiOgd0MgMzU11JHB5achUcaEB2PnQQW3EmMWh1YjImG3B2OCE1D3YpFxMHaxwMbGVgPQwOTlQjIRpQfSotNQVgNQMtdVRWLypYXQB4I3NEERJgVFADARpjZiYKKg HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

142.250.74.42

200 OK

14 kB

URL GET HTTPS

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

IP / ASN

142.250.74.42

#15169 GOOGLE

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeASCII text

First Seen2024-10-16

Last Seen2025-01-08

Times Seen322

Size14 kB (14371 bytes)

MD5ff4c14d5a9bbd0462548b75157102e47

SHA1eedd8b74c0a52f296cdaa19abb47cf43190ba93b

SHA256809a15fe0f513132e18ea949f0afd4e227e29ea954b512f20fd79e42c7a7bf47

Certificate Info

IssuerGoogle Trust Services

Subjectupload.video.google.com

FingerprintD4:A3:E0:67:E1:FB:D8:0C:7B:58:AE:DA:81:4F:CA:47:9A:07:6E:5B

ValidityMon, 04 Nov 2024 08:38:51 GMT - Mon, 27 Jan 2025 08:38:50 GMT

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Dec 2024 03:15:17 GMT
date: Sun, 15 Dec 2024 03:15:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET ukankingwithea.com/

0.0.0.0

0 B

URL GET HTTPS

ukankingwithea.com/

IP / ASN

0.0.0.0

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-04

Times Seen5648503

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daughablelea.com/
Origin: https://daughablelea.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET ukankingwithea.com/asd100.bin

104.21.96.1

200 OK

102 kB

URL GET HTTPS

ukankingwithea.com/asd100.bin

IP / ASN

104.21.96.1

#13335 CLOUDFLARENET

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typedata

First Seen2023-04-05

Last Seen2025-08-04

Times Seen12098

Size102 kB (102400 bytes)

MD54c6426ac7ef186464ecbb0d81cbfcb1e

SHA15a6918eebd9d635e8f632e3ef34e3792b1b5ec13

SHA256f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Certificate Info

IssuerGoogle Trust Services

Subjectukankingwithea.com

Fingerprint72:95:BE:5B:B7:C6:8C:31:B9:5E:60:DA:66:68:99:88:EC:99:F6:E5

ValiditySun, 03 Nov 2024 13:54:20 GMT - Sat, 01 Feb 2025 13:54:19 GMT

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://daughablelea.com/
Origin: https://daughablelea.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 15 Dec 2024 03:15:38 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://daughablelea.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: STALE
age: 906098
last-modified: Wed, 04 Dec 2024 15:34:00 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9MDPSXCWr1eBNA9MAf5yX2Vrwu%2Frebj3bj7b4%2F9de%2BOiJkd%2BSMMnRA6N41OK%2F8TZUOCWxWWvnkQQWDMuT7Njuo1KwLCJ96%2FNriD3CqDKEOJ1fBytcZj2VjIPk3X7yjgvjOzXaG0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f2344b849685694-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3005&min_rtt=523&rtt_var=4923&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3292&recv_bytes=1282&delivery_rate=6561933&cwnd=254&unsent_bytes=0&cid=067dd433edf00ae9&ts=19664&x=0"
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap

142.250.74.42

200 OK

838 B

URL GET HTTPS

fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap

IP / ASN

142.250.74.42

#15169 GOOGLE

Requested byhttps://daughablelea.com/s?518fe1b2

Resource Info

File typeASCII text, with very long lines (856), with no line terminators

First Seen2024-12-04

Last Seen2025-04-06

Times Seen719

Size838 B (838 bytes)

MD55156943b0db8129e5eab09b1c17ae5be

SHA1218739de99cdbb2473ec48ea85ab0a5a5366236e

SHA25677db9e438748081cb84e88d7caf4978e460a7f92e82c4839e86b3bbfa1eccd2b

Certificate Info

IssuerGoogle Trust Services

Subjectupload.video.google.com

FingerprintD4:A3:E0:67:E1:FB:D8:0C:7B:58:AE:DA:81:4F:CA:47:9A:07:6E:5B

ValidityMon, 04 Nov 2024 08:38:51 GMT - Mon, 27 Jan 2025 08:38:50 GMT

HTTP Headers

GET /css?family=Poppins:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daughablelea.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Dec 2024 03:15:18 GMT
date: Sun, 15 Dec 2024 03:15:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000