Overview

URLwww.dosya.tc/server39/udru1u/Emoj
IP 136.243.28.94 (Germany)
ASN#24940 Hetzner Online GmbH
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-26 15:48:43 UTC
StatusLoading report..
IDS alerts0
Blocklist alert7
urlquery alerts No alerts detected
Tags None

Domain Summary (17)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.pki.goog (3) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 44.238.202.79
datatechonert.com (1) 46154 2021-12-24 16:44:17 UTC 2022-11-26 11:18:33 UTC 139.45.195.253
www.dosya.tc (14) 0 2012-05-20 19:31:56 UTC 2020-04-27 11:14:42 UTC 136.243.28.94 Domain (dosya.tc) ranked at: 229463
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
phicmune.net (3) 199064 2021-04-07 14:53:43 UTC 2022-11-26 08:33:33 UTC 139.45.197.251
my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-11-26 05:56:01 UTC 139.45.195.8
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-11-26 05:56:05 UTC 172.67.194.45 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
cdn.itskiddien.club (3) 0 2022-10-06 16:03:35 UTC 2022-11-26 08:45:04 UTC 139.45.197.236 Unknown ranking
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-26 08:32:06 UTC 142.251.1.156
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-26 05:33:20 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-26 05:33:16 UTC 34.117.237.239
uwoaptee.com (6) 210033 2021-04-08 13:52:14 UTC 2022-11-26 09:52:00 UTC 139.45.197.251

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-26 2 uwoaptee.com Sinkholed
2022-11-26 2 uwoaptee.com Sinkholed
2022-11-26 2 uwoaptee.com Sinkholed
2022-11-26 2 uwoaptee.com Sinkholed
2022-11-26 2 uwoaptee.com Sinkholed
2022-11-26 2 datatechonert.com Sinkholed
2022-11-26 2 uwoaptee.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 136.243.28.94
Date UQ / IDS / BL URL IP
2023-02-03 19:13:33 +0000 0 - 1 - 9 www.dosya.tc/server37/19gn8v/Far_Cry_6_Turkce (...) 136.243.28.94
2023-02-03 09:27:22 +0000 0 - 1 - 9 www.dosya.tc/server40/bkwrn5/ogi_fps_boost_ci (...) 136.243.28.94
2023-01-31 19:31:33 +0000 0 - 1 - 3 www.dosya.tc/server41/lf89ym/LucioBats.rar.html 136.243.28.94
2023-01-31 10:20:59 +0000 0 - 1 - 3 www.dosya.tc/server41/w3wga7/PG_REKT.V6.rar.html 136.243.28.94
2023-01-29 21:08:42 +0000 0 - 1 - 4 www.dosya.tc/server41/wpf6mr/main.exe.html 136.243.28.94


Last 5 reports on ASN: Hetzner Online GmbH
Date UQ / IDS / BL URL IP
2023-02-05 13:41:41 +0000 0 - 2 - 0 joxi.net/vAWo1gLS378eLA 78.47.21.153
2023-02-05 13:40:51 +0000 0 - 0 - 2 dl1.topfiles.net/files/2/1214/40639/Qm0vdm_W2 (...) 95.216.1.112
2023-02-05 13:30:39 +0000 0 - 4 - 2 charmingdatings.life/ 116.202.4.130
2023-02-05 13:23:49 +0000 0 - 5 - 1 transfer.sh/TycdyB/DISK%20DRILL.zip 144.76.136.153
2023-02-05 13:23:35 +0000 0 - 5 - 1 transfer.sh/get/TycdyB/DISK%20DRILL.zip 144.76.136.153


Last 5 reports on domain: dosya.tc
Date UQ / IDS / BL URL IP
2023-02-05 11:40:58 +0000 0 - 1 - 3 s6.dosya.tc/server12/vsbo5t/Yeni_WinRAR_arsiv (...) 157.90.180.51
2023-02-05 09:44:06 +0000 0 - 1 - 3 s2.dosya.tc/server22/dusmrr/vL9tqnIYXU_protec (...) 168.119.136.27
2023-02-04 23:34:32 +0000 0 - 1 - 6 s7.dosya.tc/server19/w4968y/securitycams_1__1 (...) 88.99.249.62
2023-02-04 22:23:19 +0000 0 - 1 - 6 s6.dosya.tc/server10/3gac5w/REACH.bat.html%C3%BC 157.90.180.51
2023-02-04 18:44:26 +0000 0 - 1 - 4 s2.dosya.tc/server22/gbc1vz/zulazahilesiactiv (...) 168.119.136.27


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-04 23:34:32 +0000 0 - 1 - 6 s7.dosya.tc/server19/w4968y/securitycams_1__1 (...) 88.99.249.62
2023-02-04 22:23:19 +0000 0 - 1 - 6 s6.dosya.tc/server10/3gac5w/REACH.bat.html%C3%BC 157.90.180.51
2023-02-03 07:14:51 +0000 0 - 1 - 3 s6.dosya.tc/server12/0tgmwm/Sweden_Data_Leake (...) 157.90.180.51
2023-01-31 16:21:09 +0000 0 - 1 - 7 s7.dosya.tc/server22/xk5md3/fall_guys_kurulum (...) 88.99.249.62
2023-01-29 15:07:47 +0000 0 - 1 - 7 s6.dosya.tc/server12/l0oktz/X... 157.90.180.51

JavaScript

Executed Scripts (8)

Executed Evals (2)
#1 JavaScript::Eval (size: 80) - SHA256: 1e8175c6fc38f108b603afd2c45ef10a59787c2077fee7b16ca2fd5ba5c1a5da
(() => {
    const a = async
    function name() {};
    window['blk4v594w7u'] = true;
})()
#2 JavaScript::Eval (size: 9) - SHA256: 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351
debugger;

Executed Writes (0)


HTTP Transactions (57)


Request Response
                                        
                                            GET /server39/udru1u/Emoj HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         136.243.28.94
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sat, 26 Nov 2022 15:48:32 GMT
Server: Apache
Location: https://www.dosya.tc/server39/udru1u/Emoj
Content-Length: 225
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   225
Md5:    41543f563f4c839d8209548bd2d1e080
Sha1:   0b5c475ca8f1ceeb8f764c6d0d8b03116d89d481
Sha256: 8acf56046d9960e017a362b17226cefc56c1ae6015f6f783b83ce74fd2281e32
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Sat, 26 Nov 2022 17:07:18 GMT
Date: Sat, 26 Nov 2022 15:48:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14723
Expires: Sat, 26 Nov 2022 19:53:55 GMT
Date: Sat, 26 Nov 2022 15:48:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5577
Cache-Control: max-age=159333
Date: Sat, 26 Nov 2022 15:48:32 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 12:04:05 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: YCFzlBdPi2tzWkDcl/iDjiXxU+0KlNVShGa2L6/Mc7mYNhTjHb7SaLwRC7idHe82sIW7keLlb9w=
x-amz-request-id: H2AD2N7Q4R1MSE4G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 15:44:17 GMT
age: 255
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 15:17:32 GMT
cache-control: public,max-age=3600
age: 1860
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:32 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /server39/udru1u/Emoj HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         136.243.28.94
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=ISO-8859-9
                                        
Date: Sat, 26 Nov 2022 15:48:32 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text
Size:   3575
Md5:    75d6db52f586c04bcdf6f5148cfd5bd0
Sha1:   105764b87f0cc61173dc01ba8e4a687f84b9032b
Sha256: a633a45303762b9a5e03177e1b18eae4badfb9773ef541b4958017f2878edab5
                                        
                                            GET /style/style.css HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server39/udru1u/Emoj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 26 Nov 2022 15:48:32 GMT
Server: Apache
Last-Modified: Fri, 07 Jun 2019 21:04:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2005
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   2005
Md5:    ac278d5531b52b2d9cc32edf71749d43
Sha1:   5685f1c07b37853ce04e029c1e6c3b64f5d2baae
Sha256: 9b3f0f81ca9ca1c387b9940500e893aa22e23751225254fd73367736ec7e3389
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2688502812EF2A9867FDA273967A4A38FB71DEC3DD14B9DED3EF16A0DC3A2A8A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11339
Expires: Sat, 26 Nov 2022 18:57:31 GMT
Date: Sat, 26 Nov 2022 15:48:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "07B9D654195C03AFA712DEB0AE04F119002F647F6A3CCAE038FD24AF59B6E114"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16744
Expires: Sat, 26 Nov 2022 20:27:36 GMT
Date: Sat, 26 Nov 2022 15:48:32 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 15:08:54 GMT
cache-control: public,max-age=3600
age: 2379
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /style/bootstrap.css HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server39/udru1u/Emoj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 26 Nov 2022 15:48:32 GMT
Server: Apache
Last-Modified: Thu, 30 May 2019 23:25:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20804
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (540)
Size:   20804
Md5:    31be671a9cab0b21b4d5879fbfa1c100
Sha1:   115f1f29dacf8dddf74371971b28840fd10b9661
Sha256: 802acd624acac101802644608abc8f5708c664405b97715e7f34649f0bc4f5df
                                        
                                            GET /images/footer-icon2.png HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server39/udru1u/Emoj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:47 GMT
Accept-Ranges: bytes
Content-Length: 850
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size:   850
Md5:    51a472b4a51ea9245ee6f4386f07818f
Sha1:   a19e86c411dc6da3592d1f90e89ddf68df1fee3c
Sha256: eea1befd43d3dc930a0eb0335c56ed8bc7e14aa1ee3e6c546cd21c1826362750
                                        
                                            GET /images/footer-icon1.png HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server39/udru1u/Emoj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:47 GMT
Accept-Ranges: bytes
Content-Length: 582
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size:   582
Md5:    e62d200d08f565563cc9b713729bbaa6
Sha1:   3a130f79117f2aaa91154eb56a22b47de8c06a50
Sha256: 101d88dc759a5588d5c064fe233b6b19c565966a527a03eb9cdc29c733b8d4c3
                                        
                                            GET /images/logo.png HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server39/udru1u/Emoj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:54 GMT
Accept-Ranges: bytes
Content-Length: 7157
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 191 x 53, 8-bit/color RGB, non-interlaced\012- data
Size:   7157
Md5:    2a193802d40b18cd55b0d159571bf63c
Sha1:   1a4e4bdf88317471241d9e5ee29d9572be3f37e3
Sha256: 77eba513db8685e5a4b7633684b1d6b175bf8272ccfff3c6a1c0735d37d1d57a
                                        
                                            GET /images/footer-icon3.png HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server39/udru1u/Emoj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:47 GMT
Accept-Ranges: bytes
Content-Length: 1702
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size:   1702
Md5:    3a61d85a6bb0a45429b1e4b7d945aa95
Sha1:   6fcdf44c20d1ed269303583e16a98e245fa7b69b
Sha256: c84a015988434d7fa0c884f5590de727799abacb9c4a4ad6b4cadea4b97ea732
                                        
                                            GET /zone?pub=0&zone_id=5030740&is_mobile=false&domain=www.dosya.tc&var=&ymid=&var_3= HTTP/1.1 
Host: uwoaptee.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/
Origin: https://www.dosya.tc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
content-length: 755
x-trace-id: acfe23be626c20695a4a7ab2b36dd086
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (754)
Size:   755
Md5:    f993df9f39d5e03ad963043dbff24a2f
Sha1:   b6e35776ecab36b0c7703d4abb0f9a0a48093359
Sha256: 485a8e787a79a059f71a4cc2f2fe9e6dbdc7530c6e7cb597de0c0f9a0bcc42ae

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6133
Cache-Control: max-age=154831
Date: Sat, 26 Nov 2022 15:48:33 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:49:04 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /images/menu-ayrac.png HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/style/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:55 GMT
Accept-Ranges: bytes
Content-Length: 125
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 2 x 52, 8-bit/color RGB, non-interlaced\012- data
Size:   125
Md5:    35a0591c63feeb75e3e547e894ff6e2d
Sha1:   7dd00c2e8d4e9203b71d3fcb9a660e717b8dca7c
Sha256: 9700fc9abb23b0fa04c070487f5aebdcec2cbb22f10788ab7898032abe3fcced
                                        
                                            GET /images/download.gif HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server39/udru1u/Emoj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:46 GMT
Accept-Ranges: bytes
Content-Length: 7229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 86\012- data
Size:   7229
Md5:    a9a5324512e43e463fe0a00118ad0c37
Sha1:   5375ae6855a34619ce428da5f835fc9d9ce06124
Sha256: 7964b17bc443c3bcf422211a690ac4bc62ad981d77d5c0b6bdddc982b8615a25
                                        
                                            GET /images/uye-girisi.png HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server39/udru1u/Emoj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Server: Apache
Last-Modified: Tue, 28 May 2019 20:58:56 GMT
Accept-Ranges: bytes
Content-Length: 2979
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 140 x 51, 8-bit/color RGB, non-interlaced\012- data
Size:   2979
Md5:    6925e8f5c208aae4dd55cadd1340f180
Sha1:   a03365e7fb59c9588b3b7963e18c0b3e5d4cb369
Sha256: 6bfa03e8b7d8249e9927cafe801657559f7b7064248bb970b55fb4b689611f2d
                                        
                                            GET /zone?pub=0&zone_id=5030740&is_mobile=false&domain=www.dosya.tc&var=&ymid=&var_3= HTTP/1.1 
Host: phicmune.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/
Origin: https://www.dosya.tc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
content-length: 755
x-trace-id: 45c012913ea37aa8e6ba9e0d6c19fb14
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (754)
Size:   755
Md5:    f993df9f39d5e03ad963043dbff24a2f
Sha1:   b6e35776ecab36b0c7703d4abb0f9a0a48093359
Sha256: 485a8e787a79a059f71a4cc2f2fe9e6dbdc7530c6e7cb597de0c0f9a0bcc42ae
                                        
                                            GET /pfe/current/tag.min.js?z=5030740 HTTP/1.1 
Host: uwoaptee.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   118806
Md5:    5a7bcd583fdae39ba11bf4210d7a42b9
Sha1:   08e090cf01ead7adb794fa7ee55c93f96cd4f27c
Sha256: 02d21f7fbc274d07cebd30ebbd53116ff4b3a216ce449866f942edae97430148

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /apple-touch-icon.png HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server39/udru1u/Emoj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Server: Apache
Last-Modified: Fri, 07 Jun 2019 16:58:22 GMT
Accept-Ranges: bytes
Content-Length: 6556
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Size:   6556
Md5:    bfd9b50e03f63b25c253a5d6fa5c5ef4
Sha1:   b4c68746da8a1da96b57d37990bfbfb0f716c14b
Sha256: ca0f27136956761254299ac92d78aecca2c21841760c56904d894eb13ea0237f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pfe/current/universal.min.js?v=3.1.405 HTTP/1.1 
Host: phicmune.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/
Origin: https://www.dosya.tc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-180b9"
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   53511
Md5:    f79fde7309399a8c7bc68f3c1d2600eb
Sha1:   5cff0fb9e0480f45cf57fac0e4115fad4c98baae
Sha256: 1036e5f4c8e5a917266c08d2358355fad1bbc1d7434d8244400c854e5a94f575
                                        
                                            GET /favicon-16x16.png HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/server39/udru1u/Emoj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 22:06:40 GMT
Accept-Ranges: bytes
Content-Length: 1594
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   1594
Md5:    05c5d89a72c5dc5e863e151cc5fa9b68
Sha1:   df5a0242031f54494fe0bf1b2d7290cd5e864a15
Sha256: cd6cef0b6624ec979018be137e45b606f36c018b2d64cfe7e3d39815c0936a46
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A1100063616FF401C1648425E0957F9CD45F757FA81C775F18B422A521A4C03"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4805
Expires: Sat, 26 Nov 2022 17:08:38 GMT
Date: Sat, 26 Nov 2022 15:48:33 GMT
Connection: keep-alive

                                        
                                            OPTIONS /custom HTTP/1.1 
Host: uwoaptee.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.dosya.tc/
Origin: https://www.dosya.tc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
content-length: 0
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sw.js HTTP/1.1 
Host: www.dosya.tc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/server39/udru1u/Emoj
Connection: keep-alive
Cookie: _ga=GA1.2.1933579517.1669477713; _gid=GA1.2.1768552643.1669477713; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         136.243.28.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 26 Nov 2022 15:48:33 GMT
Server: Apache
Last-Modified: Mon, 18 Apr 2022 10:12:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2381
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (5235)
Size:   2381
Md5:    1d6c1729cc0355d80de21444da3b79de
Sha1:   b4f29f327d3fadf1b15383b782470437cc51ba8d
Sha256: bb27c7c719c8137e74182cf656b46a985ac5ccc2fbc4f7fe93535193f6725b2b
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DtJQFtO/CGe/WVtd7sHOTw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         44.238.202.79
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ENcmOYVx4fkAoYHMj4DUqZ18prc=

                                        
                                            POST /custom HTTP/1.1 
Host: uwoaptee.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/
Content-Type: application/json
Origin: https://www.dosya.tc
Content-Length: 381
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
content-length: 39
x-trace-id: f15b699ba7839bf0de24c8447b0aa9c6
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6404
Cache-Control: max-age=152223
Date: Sat, 26 Nov 2022 15:48:33 GMT
Etag: "6381cbec-118"
Expires: Mon, 28 Nov 2022 10:05:36 GMT
Last-Modified: Sat, 26 Nov 2022 08:18:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6404
Cache-Control: max-age=152223
Date: Sat, 26 Nov 2022 15:48:33 GMT
Etag: "6381cbec-118"
Expires: Mon, 28 Nov 2022 10:05:36 GMT
Last-Modified: Sat, 26 Nov 2022 08:18:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6670
Expires: Sat, 26 Nov 2022 17:39:43 GMT
Date: Sat, 26 Nov 2022 15:48:33 GMT
Connection: keep-alive

                                        
                                            POST /custom HTTP/1.1 
Host: uwoaptee.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/
Content-Type: application/json
Origin: https://www.dosya.tc
Content-Length: 745
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
content-length: 39
x-trace-id: f5cb934024ee4e594bee95772571480b
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /gid.js?userId=97c9e8269f544c27b997ad16b33ca24e HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dosya.tc
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
content-length: 65
access-control-allow-origin: https://www.dosya.tc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=97c9e8269f544c27b997ad16b33ca24e; expires=Sun, 26 Nov 2023 15:48:33 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    08cc08c2f748c817fabc1a8cd41ad145
Sha1:   1302ef3a0806d88b1e2a373af7f68170f4dff909
Sha256: 89798c082e71c4df1528079995627357957731d25fee4a2dd0b5a380aba765cb
                                        
                                            GET /?rb=48YFN9kTW5dDpGzvPpnWdypEUtnOD0XrWeGZBVTOi0fCP93Ft8buu6bUYzQPTCpVQpPN9ZXo6okTO9Ig3QxOnGpJirUF6lnTBDgpw5rB0YDxAMPVkqE_kS2mu2tLuuQGKCnM5FFe1Zt3Cu_5ver3FWNrLiu8ID8Y2sqx1N-8a6E9mVjvh1LWB0ZzWYixOhNIjNu0lEKtHl_AZ9Oj5Z_F4NWX9fGdJs1EzLGC8ZssicYgLjDn&request_ab2=96002&zoneid=5426561&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fwww.dosya.tc%2Fserver39%2Fudru1u%2FEmoj&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=37368618-42ce-46f9-a4af-73c6ce5f8674&userId=97c9e8269f544c27b997ad16b33ca24e&m=link HTTP/1.1 
Host: cdn.itskiddien.club
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/
Origin: https://www.dosya.tc
Connection: keep-alive
Cookie: OAID=f6af5d6b51144bce92ede390972f6c93; oaidts=1669477713
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
x-trace-id: 295645bc9fe101e1aae1089d23ccb022
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=97c9e8269f544c27b997ad16b33ca24e; expires=Sun, 26 Nov 2023 15:48:33 GMT; path=/; secure; SameSite=None oaidts=1669477713; expires=Sun, 26 Nov 2023 15:48:33 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Sat, 03 Dec 2022 15:48:33 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2133
Md5:    79a2f61e39c2e2d857722b77c47cbbe2
Sha1:   35e4ab9e4d42c44cdfd54b431f5cb16f5556fb08
Sha256: 2699aeff34559db1ed8dc78bc6848083517772315d131eec07b4a12f3ec17e72
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 15:48:34 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:33:17 GMT
Expires: Fri, 02 Dec 2022 13:33:16 GMT
Etag: "374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5"
Cache-Control: max-age=509682,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7703c4df6b27b4eb-OSL

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-60205436-1&cid=1933579517.1669477713&jid=60550038&gjid=887873984&_gid=1768552643.1669477713&_u=IEBAAEAAAAAAACAAI~&z=2074503038 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.dosya.tc
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.251.1.156
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.dosya.tc
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 26 Nov 2022 15:48:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: datatechonert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1204
Origin: https://www.dosya.tc
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.253
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Sat, 26 Nov 2022 15:48:34 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.dosya.tc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 26 Nov 2022 15:48:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7540
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 15:48:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7540
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 15:48:34 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 42776
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3502
Md5:    a783df85f30f9c555f9df6b99f61744d
Sha1:   61f9bed607e81606be78285596acdc5e0e4f4994
Sha256: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 64794
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9049
Md5:    c8dc4b8a7e9f7f4f84f0da568b43392b
Sha1:   3d32bff85cb7ec118c4496d0c3802829fdc9af3b
Sha256: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 02:19:43 GMT
age: 48531
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKxrYxVsJWOXAbrn6IpwLycF3rknFLkQeDyKOLq5WyflvTLeUjg_Lg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:18:42 GMT
age: 62992
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9914
Md5:    3b1c6878914466cfece680fa7cb73502
Sha1:   47fac81a2dd809df5c42ca1362f71d553572d2b1
Sha256: 6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 63039
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15818
Md5:    17ebe470d040a6ea8c57e9b9d4f4e828
Sha1:   1ac7a410cd4f3709f476c776dd5646dd982dcfa8
Sha256: d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bfe2d23-9843-4fb7-b46a-fd8ffd7bce9a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9011
x-amzn-requestid: f0e83373-0f65-4358-a902-45f2e9c24c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUfPHzAoAMF4ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813461-19e037da49c44e4363bbe8f0;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N2zsqycYk04GXPSMhxJKCrX84Asqzq8UNIFTYg2hJllP4fTGXzwEuA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:16:10 GMT
age: 63144
etag: "bed54bd4f659fbf29834b262e9179df7e7bc56a6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9011
Md5:    d30923b7d20eeb37527255c3ee1da34f
Sha1:   bed54bd4f659fbf29834b262e9179df7e7bc56a6
Sha256: 3110f22342b17a7b1d30bd53350e6a11fd6032d97bccf4206e4a27d6e332c79b
                                        
                                            GET /apu.php?zoneid=5426561 HTTP/1.1 
Host: cdn.itskiddien.club
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
x-trace-id: 660ea58c942011877563463768cf5471
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f6af5d6b51144bce92ede390972f6c93; expires=Sun, 26 Nov 2023 15:48:33 GMT; path=/; secure; SameSite=None oaidts=1669477713; expires=Sun, 26 Nov 2023 15:48:33 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.194.45
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 26 Nov 2022 15:48:33 GMT
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5577
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6r%2FgKZfBFubHQf3ydw67RHjWXDzDdqE1dULvgU6pJEK%2Fxzqmqr9iVhHbqxTR2gaYJI80pVD8xADfjxxKbXESgt%2FDCalgPIZnbeAcJKCrXiuCeqUzCXXdMJ7B8D1rOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7703c4de5d9ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.405 HTTP/1.1 
Host: uwoaptee.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dosya.tc/
Origin: https://www.dosya.tc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-180b9"
access-control-allow-origin: https://www.dosya.tc
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pfe/current/tag.min.js?z=5030740 HTTP/1.1 
Host: phicmune.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /apu.php?zoneid=5426561 HTTP/1.1 
Host: cdn.itskiddien.club
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dosya.tc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 26 Nov 2022 15:48:33 GMT
x-trace-id: e0cca7af1e494c5e1f81b18ac0f49e60
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=97c9e8269f544c27b997ad16b33ca24e; expires=Sun, 26 Nov 2023 15:48:33 GMT; path=/; secure; SameSite=None oaidts=1669477713; expires=Sun, 26 Nov 2023 15:48:33 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---