firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 20:05:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mEl3JiZJtJf0aEkNes3IgqJN5Py6Mf98I9pjfZsOYHIjpxeMVoyY7Q==
Age: 1170
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13230
Expires: Sat, 10 Sep 2022 00:05:55 GMT
Date: Fri, 09 Sep 2022 20:25:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 10-KJ_tEeNNg0353LP3MVt_lmooCBBZNXdij3JkoNf9yjqr2O4tAkg==
age: 59931
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 20:25:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 19:56:07 GMT
Expires: Fri, 09 Sep 2022 20:52:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gyIAT-gVSRC0lbFTOBrMIdAWAAVSt__J7Tnz9vvLsSq5hkj_fhhJZA==
Age: 1758
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:25:26 GMT
Last-Modified: Fri, 09 Sep 2022 18:56:22 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ya.co.ve/kzayf
198.54.116.76301 Moved Permanently 707 B IP 198.54.116.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /kzayf HTTP/1.1
Host: ya.co.ve
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 09 Sep 2022 20:25:26 GMT
server: LiteSpeed
location: https://ya.co.ve/kzayf
x-turbo-charged-by: LiteSpeed
push.services.mozilla.com/
34.208.31.97101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QfHfckOKUQ9r25ZYzm1glw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5+8oPdTj86XxpoUdJO16YWjG2Wo=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6f52cf79de93f03bf34ee86fc86b53e5
f9a4a04a96d8759821b9c6c204673adc71df9acc
f126f229925f0388dec8cffff95e45e8d13d19d0019401ee45382fd7ded93d49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F126F229925F0388DEC8CFFFF95E45E8D13D19D0019401EE45382FD7DED93D49"
Last-Modified: Fri, 09 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Sat, 10 Sep 2022 02:25:11 GMT
Date: Fri, 09 Sep 2022 20:25:26 GMT
Connection: keep-alive
ya.co.ve/kzayf
198.54.116.76301 Moved Permanently 155 B IP 198.54.116.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash beacc26c1536245aca2dbfde49f064ef
1879acd3fbdb279f7b5d16acf3bfca539816386c
68de689482647e221011fe7a5fb73d9a58065f721a3453aabd3c71bfd8b76c5f
GET /kzayf HTTP/1.1
Host: ya.co.ve
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/8.0.23
location: https://scemga.com/
cache-control: must-revalidate, no-cache, no-store, private
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6IjM5YTllMnNnckFTOGROTmx1Z0pra1E9PSIsInZhbHVlIjoicitqaVp0YjFcL2hPQlMrVWo2ZlhkZzIxSUpFUlRqSVE3VzBzSXZEWVVFa1JhXC95XC9ocGh5NVwvQkpBbG1XejJOeXNaa3RzSWtQVDk2cWtnb1VlWWlrYnR0UkgxSmRnMDNcL0VabmRPWWUxb1FrQ05KdFhLQjdNTXdraVI3N0NUY08xOSIsIm1hYyI6IjJjMDA0MGFmZGIxYWI1NmJlNDA1ZmI5NDVkZTZiYTE5YzMxMmFiYWVmNjIzZTU3MzE5ZDcxNDU1YTZkNjk3NjIifQ%3D%3D; expires=Fri, 09-Sep-2022 22:25:27 GMT; Max-Age=7200; path=/; secure
phpshort_session=eyJpdiI6IktVbFMxQkVWWVJVM0Z4dFJtazRON0E9PSIsInZhbHVlIjoid3V4NTYzZW5wYTY0UGx3VFdFcjdxWHBUQlEwNlM1endlUllydjd2NmNXMzJ4bjZuM0dselBHWGZiZHRZcmI1azRcL1lUY0FUcTJNN1RBUmxBNENjTTdCcWlJRmh3aXNOZFdwT3JzZmRBTW96dXFKaDRwVk9YR1R0aWllWVwvT0dxWCIsIm1hYyI6ImZiZTE5M2IzZjE1NjRiMGYwZGJhOWY0ZWJmNjU3M2QzZjY1Mzc1Zjc0ZjQwMWY1ZGI5ZWYxYmEzYzYyYzg0MDAifQ%3D%3D; expires=Fri, 09-Sep-2022 22:25:27 GMT; Max-Age=7200; path=/; httponly; secure
content-length: 155
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 20:25:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b04d2ad6f3f2222a94ac97e6bd0a14aa
5ac023836b023a50598f4af71a200dab2017ece4
f3c38423138b30e0dbfa854103bbec5fb9b324b8a91cb91e9f61aa307450706f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 20:25:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 15:01:53 GMT
Expires: Thu, 15 Sep 2022 15:01:52 GMT
Etag: "5ac023836b023a50598f4af71a200dab2017ece4"
Cache-Control: max-age=498384,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7482a73aeb230b59-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8546
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 20:25:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8546
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 20:25:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8546
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 20:25:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8546
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 20:25:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:05:15 GMT
age: 80412
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:54 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 57153
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:49 GMT
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
age: 81518
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: smtzoqnzJiET63xsW_r_-eVNsTK01mGqRbvuwekbqjnzS6Sb1fw9HQ==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:54:58 GMT
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
age: 77429
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 706c7ceb40056f848425ca7d994cedc8
b9b1bf8291b6a66f260f82947966fa01ca78c61f
739205893d17a123d2fac165f468314de14a99dc56c9e5b0ac79434f7c38b558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7139
x-amzn-requestid: 5125cc11-410a-4a86-a0cf-68950433b602
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFBoyHycIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318496b-5579dee14390c1b63e97e0fc;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_B0YRYqe6d5Tkoj4JvvTTArO1I5XfWVMUqFAY3rtPl2T0UenSeaeQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:02:44 GMT
age: 80563
etag: "b9b1bf8291b6a66f260f82947966fa01ca78c61f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: e7ec7e84-0924-4f5f-b289-4c750ea99567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHHnNIAMFlrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-49565105361ec7f76cb818e0;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: DvCs6zEt1p58iwZaXfuF9YFA-fieE5Y974E07YMNYPiaGbR5iuXK-A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:51 GMT
age: 81576
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
scemga.com/
162.0.232.190200 OK 1.9 kB IP 162.0.232.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 3bfda688e92c79a1b3c20d074339ac7f
ef88c2f3ebf31fb800643736dbf707498a9fcc39
775ece4bd126fd50f78a23b15642397a344e6cbed09daef7de3deb3b21a3ccc9
GET / HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
last-modified: Sun, 14 Aug 2022 01:40:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1932
date: Fri, 09 Sep 2022 20:25:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:25:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:25:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dc513273d935a8524458b56fdc99a2dc
59faee4590713691b080ad517d62ec9a9e8fedd2
0db2f67af16f1409e267b222d4efd174dbfbba07982c3fc7d9ef6c7043bd322a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DB2F67AF16F1409E267B222D4EFD174DBFBBA07982C3FC7D9EF6C7043BD322A"
Last-Modified: Thu, 08 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7446
Expires: Fri, 09 Sep 2022 22:29:33 GMT
Date: Fri, 09 Sep 2022 20:25:27 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-LR61DG565G
142.250.74.72200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LR61DG565G
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash b05c2e79ad6c81fe9b3fea27b7be0090
2c5c947c529debfaf6f2f990903a2c8450f4be1a
cebc2e546806354b3acb8f5b1d3bfd474ac02f7326e27ec521e357af79d96e71
GET /gtag/js?id=G-LR61DG565G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 20:25:27 GMT
expires: Fri, 09 Sep 2022 20:25:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400
IP 142.250.74.10:0
Hash 4b2363cd0cf0d1de455adc8638032210
41904d24464f969d9ee73489589868befeec12c8
414cf8d28c7b95d6281549d80c678bc5283cc0ba0ead638dd67ef1533e90eea1
GET /css?family=Open+Sans:300,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 20:25:27 GMT
date: Fri, 09 Sep 2022 20:25:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:25:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
scemga.com/css/video-js.css
162.0.232.190200 OK 12 kB URL HTTP/2 scemga.com/css/video-js.css
IP 162.0.232.190:0
File type ASCII text, with very long lines (5636)
Hash 2dc969e66b226c6dfc62aa10a52bd6f7
229aada0d0a104c9c00a5c9c8409078e1be4899d
3628637744be12191478ef135d5d059e870ec46b013a212fb9019a2f243f3b8c
GET /css/video-js.css HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://scemga.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 20:25:27 GMT
content-type: text/css
last-modified: Wed, 07 Nov 2018 23:58:40 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11719
date: Fri, 09 Sep 2022 20:25:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
counter9.stat.ovh/private/contadorvisitasgratis.php?c=p9tpjma4ce67tky621bm7rwdpq4m2xyc
37.187.129.45200 OK 4.6 kB URL HTTP/1.1 counter9.stat.ovh/private/contadorvisitasgratis.php?c=p9tpjma4ce67tky621bm7rwdpq4m2xyc
IP 37.187.129.45:0
File type PNG image data, 357 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash 21547d738e602eb29db8609cc4b10860
36836c9d48dceb150f08d899169a177cbb054d79
4b9cdcc3c7e2f43a4078b09eec0c8cf220499d6f092513c117f4ec9dfd074b2c
GET /private/contadorvisitasgratis.php?c=p9tpjma4ce67tky621bm7rwdpq4m2xyc HTTP/1.1
Host: counter9.stat.ovh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 20:25:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.4.16
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b6a370ce485875cc8f4f9c32225c696
2b83f4f8a26e0355f5faff11456a256ec49c589e
54e13fc85d5106310681e054169af1d302009c82ab39027c948091a22ce90ba3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54E13FC85D5106310681E054169AF1D302009C82AB39027C948091A22CE90BA3"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Sat, 10 Sep 2022 02:24:56 GMT
Date: Fri, 09 Sep 2022 20:25:28 GMT
Connection: keep-alive
scemga.com/css/estilos.css
162.0.232.190200 OK 640 B URL HTTP/2 scemga.com/css/estilos.css
IP 162.0.232.190:0
Hash 7b1ed982268bcceff3e137c9c6c355e9
78a24b4f62b2bb78c55ca1236b07bb67bccbe1df
82aaf4cfbbad10526f9ff58ef18f4b1115c6da5ff1da8b3effb98c96dcd687a9
GET /css/estilos.css HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://scemga.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 20:25:27 GMT
content-type: text/css
last-modified: Mon, 27 Jun 2022 01:40:13 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 640
date: Fri, 09 Sep 2022 20:25:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
scemga.com/nube.png
162.0.232.190200 OK 5.1 kB IP 162.0.232.190:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash e229ae51ee1a974c026c9798fa98d49a
81fb7e694f0b0f4bfdeab1f2dcef9b335ac77b40
fe06dc268acc732b006424477eac761fa6d77ddc1c8c7316255726f249ae0a95
GET /nube.png HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://scemga.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 20:25:27 GMT
content-type: image/png
last-modified: Sat, 23 Apr 2022 04:15:04 GMT
accept-ranges: bytes
content-length: 5124
date: Fri, 09 Sep 2022 20:25:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
scemga.com/js/video.js
162.0.232.190200 OK 509 kB IP 162.0.232.190:0
File type ASCII text, with very long lines (491)
Size 509 kB (509118 bytes)
Hash 0a99931facc480745b8e91df35c7454d
4d3fa41dbcc80137cb601d2f2f003b4adf1b91ee
1d970785a33967eb6d06df1a41b7151e026e8aacbceb7f53664215b4e2d7cd8a
GET /js/video.js HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://scemga.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 20:25:27 GMT
content-type: application/javascript
last-modified: Wed, 07 Nov 2018 23:58:40 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 509118
date: Fri, 09 Sep 2022 20:25:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:25:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://scemga.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 08:31:01 GMT
expires: Wed, 06 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 302068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 20:25:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lightingstipulate.com/9935cef1b3bb2b1a4bb4c4b36a250640/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/9935cef1b3bb2b1a4bb4c4b36a250640/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash 74a1af73e184692c9578bedd66d8f2ba
bf47a72e5a2c0136a1ea51582e9a2cbb51d8fb15
a74c410b022b3c4578993b4674f72b8f3b72a8092f6e3e9ffb0a503cb3d06c75
Analyzer Verdict Alert quad9 Sinkholed
GET /9935cef1b3bb2b1a4bb4c4b36a250640/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 20:25:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c62b859ceb5cbc9152a1577e1ae43cc0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 180750f63aa7b3ca11be257a1837e7a4
2bdea9b6f133b088143fd6fdcd5eccb4c29a1e53
1c44497894377a85da8493a8da6b8ec59f02ebf9408c0b2a6d6e72b5d7637519
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 20:25:30 GMT
Last-Modified: Fri, 09 Sep 2022 19:38:25 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LDRegrI0Ly8FPdkUFfgQxdidboESi0btNn8KB4leKGFnbQSnJXAnBA==
Age: 2825
lightingstipulate.com/266a36cd73aff36a5161bebe0973d5be/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/266a36cd73aff36a5161bebe0973d5be/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 5e1845b45729863c9f7e1f39c159123c
61e9716b8c7f642a1d7d6b0d2155123ccc9caedc
d6b57361fe840ef881fca1d5369c84aa4e42e2dba074ad529d66d6c754b92f49
Analyzer Verdict Alert quad9 Sinkholed
GET /266a36cd73aff36a5161bebe0973d5be/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9ce1e9740abe6f1bdbbe678f33a16b8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
52.59.153.168200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.59.153.168:0
File type ASCII text, with no line terminators
Hash 8f76908adf24612d4e19a3b90078a948
33b91471d744642cf212526295a0db97298b7d8a
7d4fd99195c03d3c6c29a510223773c57c3b2c7ba1a8182afd11a445df8ac960
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://scemga.com
access-control-allow-credentials: true
set-cookie: uid_id2=0b837308-1ddb-4080-9e00-199883a1d3ec:1:1; expires=Mon, 06 Sep 2032 20:25:30 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.59.153.168200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.59.153.168:0
File type ASCII text, with no line terminators
Hash 4458010ec3fa3f7bd5094d8bcd2da687
80c896b3db195aaf582195824a426a1dbda7a22a
e21bea683899636178ca1ac9dd271d796ed1c906fadd076e3f7bdaf5e0926ad8
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://scemga.com
access-control-allow-credentials: true
set-cookie: uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; expires=Mon, 06 Sep 2032 20:25:30 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26941), with no line terminators
Hash c66558bd1fed5ad6e66579044f0beb52
3c9048247e2d89390e41210afc052380df8cf618
2e34536e7fd2e98f651e4843b4c9b6901ebe8f3d448f9741696e56280691f754
Analyzer Verdict Alert quad9 Sinkholed
GET /4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a75fc6500a1d1bde4a784f846d3479f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 5e1845b45729863c9f7e1f39c159123c
61e9716b8c7f642a1d7d6b0d2155123ccc9caedc
d6b57361fe840ef881fca1d5369c84aa4e42e2dba074ad529d66d6c754b92f49
Analyzer Verdict Alert quad9 Sinkholed
GET /4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: feaa0086987556af86ea952ea9fa9365
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 2ac9f6c660555a6224de3762d7946dd9
ca21f1e15a73469f8d99a5f8310c6f6803ef2418
63c4522f200f6e6af8dcff2c398b02cdd1d9daab847a66a963c056cca4eee9ff
Analyzer Verdict Alert quad9 Sinkholed
GET /4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4d6c9a2366d18c4018c97051a8b00fcd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5c5d39ff1cc675bc37c07a40655a408
6daca1766bc3ab73632d49448d4f20b20d0c4756
15902ae4e81ef54f6293b4d981d8a026c8fcddfa10fd334296e08071fedd0715
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15902AE4E81EF54F6293B4D981D8A026C8FCDDFA10FD334296E08071FEDD0715"
Last-Modified: Thu, 08 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18067
Expires: Sat, 10 Sep 2022 01:26:37 GMT
Date: Fri, 09 Sep 2022 20:25:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff4a192bbe7136998c8faf6c3093f619
89fca9413b769fd302dfc33762c87f00ec6e7d80
aaedaf54ffcf303929b5e84dbfd139ea6f6230e3e1f289e77b1a143c4ff64581
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAEDAF54FFCF303929B5E84DBFD139EA6F6230E3E1F289E77B1A143C4FF64581"
Last-Modified: Thu, 08 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13128
Expires: Sat, 10 Sep 2022 00:04:18 GMT
Date: Fri, 09 Sep 2022 20:25:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff4a192bbe7136998c8faf6c3093f619
89fca9413b769fd302dfc33762c87f00ec6e7d80
aaedaf54ffcf303929b5e84dbfd139ea6f6230e3e1f289e77b1a143c4ff64581
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAEDAF54FFCF303929B5E84DBFD139EA6F6230E3E1F289E77B1A143C4FF64581"
Last-Modified: Thu, 08 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13128
Expires: Sat, 10 Sep 2022 00:04:18 GMT
Date: Fri, 09 Sep 2022 20:25:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5062a86b01f1f8de3654dfde17be1b32
263ae6891668d021b3812d08f074899962d280a8
f19e99b8535ff842faee82c41ecc91dcb3204e73d05f9199162f3f2fb7effae4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F19E99B8535FF842FAEE82C41ECC91DCB3204E73D05F9199162F3F2FB7EFFAE4"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3787
Expires: Fri, 09 Sep 2022 21:28:37 GMT
Date: Fri, 09 Sep 2022 20:25:30 GMT
Connection: keep-alive
lightingstipulate.com/79058c42da72db7016303f55ac74fc51/invoke.js
192.243.59.12200 OK 9.3 kB URL HTTP/1.1 lightingstipulate.com/79058c42da72db7016303f55ac74fc51/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25096), with no line terminators
Hash d8dfa387563260f248f027611a073390
84caa6e159731648f8c4af497e375d1bb675c736
1570eb7e793708fbc7a910da0147f6ba302aec8bf455680facaf8f54b899b4b7
Analyzer Verdict Alert quad9 Sinkholed
GET /79058c42da72db7016303f55ac74fc51/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 011621e121fd296037d7dc5d9ce2c699
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
limitationvolleyballdejected.com/watch.768439183503.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=0b837308-1ddb-4080-9e00-199883a1d3ec%3A1%3A1
173.233.137.60307 Temporary Redirect 0 B URL HTTP/1.1 limitationvolleyballdejected.com/watch.768439183503.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=0b837308-1ddb-4080-9e00-199883a1d3ec%3A1%3A1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.768439183503.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=0b837308-1ddb-4080-9e00-199883a1d3ec%3A1%3A1 HTTP/1.1
Host: limitationvolleyballdejected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://limitationvolleyballdejected.com/watch.768439183503.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=0b837308-1ddb-4080-9e00-199883a1d3ec%3A1%3A1&shu=9dd035bfa58ae6ce3ede6134b13635fea4a686b593731cc5c1005564f215c9002fac6234ce0103e04c3e6470e21638d200bdfcfa1cbdc70ac6b5990eed2ec5aa0836d6488caa7a9b97d9da38dd9110a5e20555a0f71df94d214f49e2ea29&pst=1662755190&rmtc=t
Set-Cookie: u_pl=16430306; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQzMDMwNiwiayI6Ijk5MzVjZWYxYjNiYjJiMWE0YmI0YzRiMzZhMjUwNjQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyNywicHQiOjQsInBrIjoibTR2NXpobWYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2NlbWdhLmNvbS8ifX0.xtjr82NOoz6Cget8zOhvlDYGN1eO9y8kKchioWQkKDQ; expires=Fri, 09 Sep 2022 20:26:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 15f6109580617dd650140cc1e228e619
Strict-Transport-Security: max-age=0; includeSubdomains
treatycalculator.com/watch.145304988197.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 treatycalculator.com/watch.145304988197.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.145304988197.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1 HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://treatycalculator.com/watch.145304988197.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=2c84714e9b17b2ee43a9ad10c1a0e02f73c1780c8271ccdec41ba60dd37f1fbaafcf0758366cdd99e8d132a7da7f36957a486f610f859a894553ad95abf2359700a7edcb10f684c2d768511d83256b737cb6f6&pst=1662755190&rmtc=t
Set-Cookie: u_pl=16429610; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; expires=Fri, 09 Sep 2022 20:26:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3a511fb2733f95df58840a9d8c678f23
Strict-Transport-Security: max-age=0; includeSubdomains
forgerylimit.com/watch.181575105859.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 forgerylimit.com/watch.181575105859.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.181575105859.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://forgerylimit.com/watch.181575105859.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=55ae8e5f9c2ae549c8c7a83aae31039b18fef30c8a23b559d5b55f8a033058201065e9c9f69544b7148efdfeea667914eb78f158ef1e99341f30e8d0dbca778221a91089541166eda3648ce67e054650f55a57c2&pst=1662755190&rmtc=t
Set-Cookie: u_pl=16429610; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; expires=Fri, 09 Sep 2022 20:26:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 86d27560e38f6e8103fdf7de21ea2fe0
Strict-Transport-Security: max-age=0; includeSubdomains
treatycalculator.com/watch.216779784160.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 treatycalculator.com/watch.216779784160.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.216779784160.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1 HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://treatycalculator.com/watch.216779784160.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=51b3e4c6c28e6e0b5e093576ea950685082c0404becec91c906ded2373dd0380e26b2a7b2e789be550ec2cd2db62d32e23b9b4d810db7abf341fbbe1870a21419260473fcdb08d6941d8bda30a3e4d8a516995c0&pst=1662755190&rmtc=t
Set-Cookie: u_pl=16429602; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYwMiwiayI6IjI2NmEzNmNkNzNhZmYzNmE1MTYxYmViZTA5NzNkNWJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjozMiwicHQiOjQsInBrIjoiZXRwOHdjdWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2NlbWdhLmNvbS8ifX0.6y_kUR8S_WinywlQ4Tf1nGEIxVsWyxYXXw0XMOi2y2g; expires=Fri, 09 Sep 2022 20:26:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d41138c7965f097bde86569ca9867ce3
Strict-Transport-Security: max-age=0; includeSubdomains
lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash 74a1af73e184692c9578bedd66d8f2ba
bf47a72e5a2c0136a1ea51582e9a2cbb51d8fb15
a74c410b022b3c4578993b4674f72b8f3b72a8092f6e3e9ffb0a503cb3d06c75
Analyzer Verdict Alert quad9 Sinkholed
GET /4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c547b381cbf2382949e60891f855d8f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
limitationvolleyballdejected.com/watch.768439183503.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=0b837308-1ddb-4080-9e00-199883a1d3ec%3A1%3A1&shu=9dd035bfa58ae6ce3ede6134b13635fea4a686b593731cc5c1005564f215c9002fac6234ce0103e04c3e6470e21638d200bdfcfa1cbdc70ac6b5990eed2ec5aa0836d6488caa7a9b97d9da38dd9110a5e20555a0f71df94d214f49e2ea29&pst=1662755190&rmtc=t
173.233.137.60200 OK 2.1 kB URL HTTP/1.1 limitationvolleyballdejected.com/watch.768439183503.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=0b837308-1ddb-4080-9e00-199883a1d3ec%3A1%3A1&shu=9dd035bfa58ae6ce3ede6134b13635fea4a686b593731cc5c1005564f215c9002fac6234ce0103e04c3e6470e21638d200bdfcfa1cbdc70ac6b5990eed2ec5aa0836d6488caa7a9b97d9da38dd9110a5e20555a0f71df94d214f49e2ea29&pst=1662755190&rmtc=t
IP 173.233.137.60:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2638)
Hash 625fc28afdf34f130ca6c3ff46281ee7
cce652102d1dccc1ef0c6f0f06055d71d82bc727
7205b076944284fcaa35e27ec6224ea35a82f14b1844fc96007ebe2ad25d0fa1
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.768439183503.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=0b837308-1ddb-4080-9e00-199883a1d3ec%3A1%3A1&shu=9dd035bfa58ae6ce3ede6134b13635fea4a686b593731cc5c1005564f215c9002fac6234ce0103e04c3e6470e21638d200bdfcfa1cbdc70ac6b5990eed2ec5aa0836d6488caa7a9b97d9da38dd9110a5e20555a0f71df94d214f49e2ea29&pst=1662755190&rmtc=t HTTP/1.1
Host: limitationvolleyballdejected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16430306; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQzMDMwNiwiayI6Ijk5MzVjZWYxYjNiYjJiMWE0YmI0YzRiMzZhMjUwNjQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyNywicHQiOjQsInBrIjoibTR2NXpobWYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2NlbWdhLmNvbS8ifX0.xtjr82NOoz6Cget8zOhvlDYGN1eO9y8kKchioWQkKDQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0b837308-1ddb-4080-9e00-199883a1d3ec:1:1; expires=Fri, 16 Sep 2022 20:25:30 GMT; secure; SameSite=None
iprcdf5d59169a529bc80c1205bdae5006aa=3569807; expires=Sat, 10 Sep 2022 00:25:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
uncs27=1; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba82d43b49f874c4f5b670a438501a92
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 271f82369baec2c2391db403214eaab8
3e07fa6506f6dddaadebc70688bc3685e77aea8a
302ffdeaf3be823f5d18e0b8dc7b6b46362d62e94ef6b4c2f48493e50cf0c990
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "302FFDEAF3BE823F5D18E0B8DC7B6B46362D62E94EF6B4C2F48493E50CF0C990"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13562
Expires: Sat, 10 Sep 2022 00:11:33 GMT
Date: Fri, 09 Sep 2022 20:25:31 GMT
Connection: keep-alive
forgerylimit.com/watch.181575105859.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=55ae8e5f9c2ae549c8c7a83aae31039b18fef30c8a23b559d5b55f8a033058201065e9c9f69544b7148efdfeea667914eb78f158ef1e99341f30e8d0dbca778221a91089541166eda3648ce67e054650f55a57c2&pst=1662755190&rmtc=t
192.243.59.20200 OK 2.1 kB URL HTTP/1.1 forgerylimit.com/watch.181575105859.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=55ae8e5f9c2ae549c8c7a83aae31039b18fef30c8a23b559d5b55f8a033058201065e9c9f69544b7148efdfeea667914eb78f158ef1e99341f30e8d0dbca778221a91089541166eda3648ce67e054650f55a57c2&pst=1662755190&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2590)
Hash 0b86acb227f6e43246e8e47cf727dc60
e78b0fb596dbed2b357fe29360c8a8158e2ec22e
a036efff82dafc045a3956a9b42ca2ada9369f21f97d9e12df0ceb12f0d2d095
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.181575105859.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=55ae8e5f9c2ae549c8c7a83aae31039b18fef30c8a23b559d5b55f8a033058201065e9c9f69544b7148efdfeea667914eb78f158ef1e99341f30e8d0dbca778221a91089541166eda3648ce67e054650f55a57c2&pst=1662755190&rmtc=t HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16429610; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 09 Sep 2022 20:25:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; expires=Fri, 16 Sep 2022 20:25:30 GMT; secure; SameSite=None
iprcf169fd4c71264c0de9eb19d75e2eafad=3569806; expires=Sat, 10 Sep 2022 00:25:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 10 Sep 2022 20:25:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be6a818c678a3d36f3afdc9167c48091
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
limitationvolleyballdejected.com/watch.1344558279259.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
173.233.137.60307 Temporary Redirect 0 B URL HTTP/1.1 limitationvolleyballdejected.com/watch.1344558279259.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1344558279259.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1 HTTP/1.1
Host: limitationvolleyballdejected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Cookie: u_pl=16430306; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQzMDMwNiwiayI6Ijk5MzVjZWYxYjNiYjJiMWE0YmI0YzRiMzZhMjUwNjQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyNywicHQiOjQsInBrIjoibTR2NXpobWYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2NlbWdhLmNvbS8ifX0.xtjr82NOoz6Cget8zOhvlDYGN1eO9y8kKchioWQkKDQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://limitationvolleyballdejected.com/watch.1344558279259.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=6b568d0f30e72a0f45ea29c20aaeb548d6d6bd58048fa59cc6e07ee9f8faaee599cd0a5dbb04d26993cbb584547056458b12ee577deafb5bbac785124c55bc5a64db0e667f2b515c28826e26583a52b91b3388ddf99b0b9bff3c045fb1ec4d02&pst=1662755191&rmtc=t
Set-Cookie: u_pl=16430306,16429610; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; expires=Fri, 09 Sep 2022 20:26:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41b7d2d675c070c5bbd88bd915cabe36
Strict-Transport-Security: max-age=0; includeSubdomains
treatycalculator.com/watch.216779784160.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=51b3e4c6c28e6e0b5e093576ea950685082c0404becec91c906ded2373dd0380e26b2a7b2e789be550ec2cd2db62d32e23b9b4d810db7abf341fbbe1870a21419260473fcdb08d6941d8bda30a3e4d8a516995c0&pst=1662755190&rmtc=t
192.243.61.225200 OK 2.1 kB URL HTTP/1.1 treatycalculator.com/watch.216779784160.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=51b3e4c6c28e6e0b5e093576ea950685082c0404becec91c906ded2373dd0380e26b2a7b2e789be550ec2cd2db62d32e23b9b4d810db7abf341fbbe1870a21419260473fcdb08d6941d8bda30a3e4d8a516995c0&pst=1662755190&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2607)
Hash 5ea99aba55637352fe65d46c1c952d66
5bef4e69c6ea250f4a37c00f8b759b0149ea859c
62f7bb8edb87b1ce4d26a950a40754c8358463d6f4d638be09586234867308a7
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.216779784160.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=51b3e4c6c28e6e0b5e093576ea950685082c0404becec91c906ded2373dd0380e26b2a7b2e789be550ec2cd2db62d32e23b9b4d810db7abf341fbbe1870a21419260473fcdb08d6941d8bda30a3e4d8a516995c0&pst=1662755190&rmtc=t HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16429602; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYwMiwiayI6IjI2NmEzNmNkNzNhZmYzNmE1MTYxYmViZTA5NzNkNWJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjozMiwicHQiOjQsInBrIjoiZXRwOHdjdWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2NlbWdhLmNvbS8ifX0.6y_kUR8S_WinywlQ4Tf1nGEIxVsWyxYXXw0XMOi2y2g
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; expires=Fri, 16 Sep 2022 20:25:31 GMT; secure; SameSite=None
iprcbde18f61300e5bdc62ad8c48f8794e78=3570421; expires=Sat, 10 Sep 2022 00:25:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs32=1; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ccca8c656365940ae312c084481bf3d4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1543fa75949583b4223a1d3f0f8b937
fe06a05582a0cdc1cde39f17fac440a1d43495ab
46fa93a75d4bb081e5f0e3c098d97e5b9364364d29f6b1c814ae582dc675c110
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11704
Expires: Fri, 09 Sep 2022 23:40:35 GMT
Date: Fri, 09 Sep 2022 20:25:31 GMT
Connection: keep-alive
treatycalculator.com/watch.145304988197.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=2c84714e9b17b2ee43a9ad10c1a0e02f73c1780c8271ccdec41ba60dd37f1fbaafcf0758366cdd99e8d132a7da7f36957a486f610f859a894553ad95abf2359700a7edcb10f684c2d768511d83256b737cb6f6&pst=1662755190&rmtc=t
192.243.61.225200 OK 2.1 kB URL HTTP/1.1 treatycalculator.com/watch.145304988197.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=2c84714e9b17b2ee43a9ad10c1a0e02f73c1780c8271ccdec41ba60dd37f1fbaafcf0758366cdd99e8d132a7da7f36957a486f610f859a894553ad95abf2359700a7edcb10f684c2d768511d83256b737cb6f6&pst=1662755190&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2612)
Hash ab759052f2f507e5ef352389817c6dc2
987911b3a7586e4358c785bc8ba7a93c09c6734f
5a69adaed3bd3409c48e2c69491800a4c0f7c48ebb521c824a90c0a9d188f0e9
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.145304988197.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=2c84714e9b17b2ee43a9ad10c1a0e02f73c1780c8271ccdec41ba60dd37f1fbaafcf0758366cdd99e8d132a7da7f36957a486f610f859a894553ad95abf2359700a7edcb10f684c2d768511d83256b737cb6f6&pst=1662755190&rmtc=t HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16429610; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; expires=Fri, 16 Sep 2022 20:25:30 GMT; secure; SameSite=None
iprc42e22459f8455024a4693f78627c1b3c=3569806; expires=Sat, 10 Sep 2022 00:25:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a47c499804550e6aa0c90949bfe7c33
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 5e1845b45729863c9f7e1f39c159123c
61e9716b8c7f642a1d7d6b0d2155123ccc9caedc
d6b57361fe840ef881fca1d5369c84aa4e42e2dba074ad529d66d6c754b92f49
Analyzer Verdict Alert quad9 Sinkholed
GET /4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3dc80c14b13da1692a48afea5d0d8f91
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
45.133.44.10200 OK 67 kB URL HTTP/2 cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a98b4585db1c6db06d6857c73bb75fcb
02a896b08a79e873b2dd26200ee1f0665dc1c80a
fc08e863ffafe25aa63fe8b60c2d5135fc5f52caf0abae4da3f1a90e0f8ed96c
GET /cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:31 GMT
content-type: image/png
content-length: 67174
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:43 GMT
etag: "62e11c7f-10666"
expires: Sun, 11 Sep 2022 20:25:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
limitationvolleyballdejected.com/watch.1344558279259.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=6b568d0f30e72a0f45ea29c20aaeb548d6d6bd58048fa59cc6e07ee9f8faaee599cd0a5dbb04d26993cbb584547056458b12ee577deafb5bbac785124c55bc5a64db0e667f2b515c28826e26583a52b91b3388ddf99b0b9bff3c045fb1ec4d02&pst=1662755191&rmtc=t
173.233.137.60200 OK 2.4 kB URL HTTP/1.1 limitationvolleyballdejected.com/watch.1344558279259.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=6b568d0f30e72a0f45ea29c20aaeb548d6d6bd58048fa59cc6e07ee9f8faaee599cd0a5dbb04d26993cbb584547056458b12ee577deafb5bbac785124c55bc5a64db0e667f2b515c28826e26583a52b91b3388ddf99b0b9bff3c045fb1ec4d02&pst=1662755191&rmtc=t
IP 173.233.137.60:0
File type HTML document, ASCII text, with very long lines (2964)
Hash 70cff7f7d19e6e52441912ef510f1970
3c1c04b73ef61f401407c2106129f4a797921d93
feda515ccba56dc1e253b12b77c70ca9d1215765f1489d4f7a1842076871acb9
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1344558279259.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=6b568d0f30e72a0f45ea29c20aaeb548d6d6bd58048fa59cc6e07ee9f8faaee599cd0a5dbb04d26993cbb584547056458b12ee577deafb5bbac785124c55bc5a64db0e667f2b515c28826e26583a52b91b3388ddf99b0b9bff3c045fb1ec4d02&pst=1662755191&rmtc=t HTTP/1.1
Host: limitationvolleyballdejected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16430306,16429610; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; uid_id2=0b837308-1ddb-4080-9e00-199883a1d3ec:1:1; iprcdf5d59169a529bc80c1205bdae5006aa=3569807; pdhtkv=true; uncs=1; pdhtkv27=true; uncs27=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; expires=Fri, 16 Sep 2022 20:25:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45de74ee68c6733b2d15e6cae0845761
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
45.133.44.10200 OK 25 kB URL HTTP/2 cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, baseline, precision 8, 320x50, components 3\012- data
Hash d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:31 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Sun, 11 Sep 2022 20:25:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.10200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:31 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sun, 11 Sep 2022 20:25:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
treatycalculator.com/watch.1140650037915.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 treatycalculator.com/watch.1140650037915.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1140650037915.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1 HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Cookie: u_pl=16429602; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYwMiwiayI6IjI2NmEzNmNkNzNhZmYzNmE1MTYxYmViZTA5NzNkNWJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjozMiwicHQiOjQsInBrIjoiZXRwOHdjdWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2NlbWdhLmNvbS8ifX0.6y_kUR8S_WinywlQ4Tf1nGEIxVsWyxYXXw0XMOi2y2g; uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; iprcbde18f61300e5bdc62ad8c48f8794e78=3570421; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1; iprc42e22459f8455024a4693f78627c1b3c=3569806; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://treatycalculator.com/watch.1140650037915.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=69cbbf46550f8d5c397e624488d862183ab95d71e45878a5222c86d812ee198a358e5362ca1d8dce746b6a16ee08f72a8ec2348552b61a74ec90f595c67d4e894540fe2053697cb2290b56fd5aaab0d386b615dc&pst=1662755191&rmtc=t
Set-Cookie: u_pl=16429602,16429610; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.axdQIgzid0LkYtifmCNIs0S3ivok4wHk93Vu5rJmFeY; expires=Fri, 09 Sep 2022 20:26:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68052548d1c07ac3a04cd40da648b858
Strict-Transport-Security: max-age=0; includeSubdomains
phosphatepossible.com/watch.208266786549.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 phosphatepossible.com/watch.208266786549.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.208266786549.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1 HTTP/1.1
Host: phosphatepossible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://phosphatepossible.com/watch.208266786549.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=fb6e58bd744ccb85dd6a0fd9134853ade739b8bfd57c922618d147c979c44c9f1a630e60dfdc585dd93341423e98f47a4919996ba2a751e95b9899a4216db4b5d8647760a0b14af6bb2683b2490892fa73fbd0&pst=1662755191&rmtc=t
Set-Cookie: u_pl=16429610; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; expires=Fri, 09 Sep 2022 20:26:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fa15dd7937b1235aca944066a87c13ab
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/96/64/f2/9664f226fa61ddbdd7ebea02d8e43bbf/1627979045.png
45.133.44.10200 OK 150 kB URL HTTP/2 cdn.cloudimagesb.com/cti/96/64/f2/9664f226fa61ddbdd7ebea02d8e43bbf/1627979045.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 150 kB (149685 bytes)
Hash e7d35967d5b4bada68ebcfd8adf31493
e03ab93358befd526f05f2fa8197b98e07a50bea
6ba59bc77806df1b35b248a8f1315cf2fc0d8def3282e6d2f6246594e0608730
GET /cti/96/64/f2/9664f226fa61ddbdd7ebea02d8e43bbf/1627979045.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:31 GMT
content-type: image/png
content-length: 149685
server: nginx/1.17.6
last-modified: Tue, 03 Aug 2021 08:24:14 GMT
etag: "6108fd2e-248b5"
expires: Sun, 11 Sep 2022 20:25:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 26 kB IP 172.64.155.188:0
Hash 0b495cb47f62088fe2cd204019f18fe0
be30a074c8e2d353d22fd0ca09007d13912d9410
1364b2dde89887e2b63c66220a6817333d7f6f55c544f848fbe4efd222d7add0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 05:22:24 GMT
Expires: Wed, 14 Sep 2022 05:22:23 GMT
Etag: "8983eb7178675cb32b5c49e49eaf8e85aaf9d97c"
Cache-Control: max-age=377211,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7482a7528fe30b59-OSL
treatycalculator.com/watch.1140650037915.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=69cbbf46550f8d5c397e624488d862183ab95d71e45878a5222c86d812ee198a358e5362ca1d8dce746b6a16ee08f72a8ec2348552b61a74ec90f595c67d4e894540fe2053697cb2290b56fd5aaab0d386b615dc&pst=1662755191&rmtc=t
192.243.61.225200 OK 2.3 kB URL HTTP/1.1 treatycalculator.com/watch.1140650037915.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=69cbbf46550f8d5c397e624488d862183ab95d71e45878a5222c86d812ee198a358e5362ca1d8dce746b6a16ee08f72a8ec2348552b61a74ec90f595c67d4e894540fe2053697cb2290b56fd5aaab0d386b615dc&pst=1662755191&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2912)
Hash 16971ef6bd51b2b0444082013d984323
3216fea1d772050f6c613a32eaa493641b31d814
fa162d800d75a77a540934d5a77f48ff5a5732fcf6f4f29aaf633794007c34fc
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1140650037915.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=69cbbf46550f8d5c397e624488d862183ab95d71e45878a5222c86d812ee198a358e5362ca1d8dce746b6a16ee08f72a8ec2348552b61a74ec90f595c67d4e894540fe2053697cb2290b56fd5aaab0d386b615dc&pst=1662755191&rmtc=t HTTP/1.1
Host: treatycalculator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16429602,16429610; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.axdQIgzid0LkYtifmCNIs0S3ivok4wHk93Vu5rJmFeY; uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; iprcbde18f61300e5bdc62ad8c48f8794e78=3570421; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1; iprc42e22459f8455024a4693f78627c1b3c=3569806; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; expires=Fri, 16 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs=2; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs5=2; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dd9208ab992684be5c14eba7dbecda20
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
phosphatepossible.com/watch.208266786549.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=fb6e58bd744ccb85dd6a0fd9134853ade739b8bfd57c922618d147c979c44c9f1a630e60dfdc585dd93341423e98f47a4919996ba2a751e95b9899a4216db4b5d8647760a0b14af6bb2683b2490892fa73fbd0&pst=1662755191&rmtc=t
192.243.61.225200 OK 2.3 kB URL HTTP/1.1 phosphatepossible.com/watch.208266786549.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=fb6e58bd744ccb85dd6a0fd9134853ade739b8bfd57c922618d147c979c44c9f1a630e60dfdc585dd93341423e98f47a4919996ba2a751e95b9899a4216db4b5d8647760a0b14af6bb2683b2490892fa73fbd0&pst=1662755191&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2845)
Hash 795ebbabe791835eeedb34e35b25dd86
ed9ca2172c09f2d4513d4980ce98777549355507
1d22c5d43fd2d73509e662b8ac1446912147b29c3d0c2c0c29e1ff1b4170c5e7
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.208266786549.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&shu=fb6e58bd744ccb85dd6a0fd9134853ade739b8bfd57c922618d147c979c44c9f1a630e60dfdc585dd93341423e98f47a4919996ba2a751e95b9899a4216db4b5d8647760a0b14af6bb2683b2490892fa73fbd0&pst=1662755191&rmtc=t HTTP/1.1
Host: phosphatepossible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16429610; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; expires=Fri, 16 Sep 2022 20:25:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 56ac34748a49824bfbf34c419ab073d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/9d/cd/c2/9dcdc22fbf49f9fa8cfd731038e5a43d/1627914391.png
45.133.44.10200 OK 141 kB URL HTTP/2 cdn.cloudimagesb.com/cti/9d/cd/c2/9dcdc22fbf49f9fa8cfd731038e5a43d/1627914391.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 141 kB (140645 bytes)
Hash fe6d8dbe4af7b2577d42f319bd297c29
e7510860570a77ae512507ec92dfb5749cdbc36a
9c43b0f84a6d662958ea94ff12ebfe9b5ba62fbbd50aa7eb283d9dc8f5cd5993
GET /cti/9d/cd/c2/9dcdc22fbf49f9fa8cfd731038e5a43d/1627914391.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:31 GMT
content-type: image/png
content-length: 140645
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 14:26:40 GMT
etag: "610800a0-22565"
expires: Sun, 11 Sep 2022 20:25:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 35 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 34df6d8ee7edbd04fe38ce61b50b5e03
40f7564da3156f2fb9f736be50f17b6f34196dad
10993934e92a29c9a0b5b5f3f08c6b285526e1d6e354aa61d733fd7125801b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95F297DB2CB9E29D6D6FCDFA7877029250D4A352E03D940F31DBD3AFCDCD0567"
Last-Modified: Wed, 07 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16599
Expires: Sat, 10 Sep 2022 01:02:10 GMT
Date: Fri, 09 Sep 2022 20:25:31 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ac933792d4488fdeee0428a84cc37082
8983eb7178675cb32b5c49e49eaf8e85aaf9d97c
6ac9ecda1ec91af73ad3ec36b35fa67454082d0d963696fc8948a1bd7aa10954
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 05:22:24 GMT
Expires: Wed, 14 Sep 2022 05:22:23 GMT
Etag: "8983eb7178675cb32b5c49e49eaf8e85aaf9d97c"
Cache-Control: max-age=377211,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7482a753d9380b59-OSL
youradexchange.com/script/suurl4.php?r=6021558&atag=1&czid=tzvkjx4zym&cbur=0.9080279024068891&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=SCEMGA&cbpage=https%3A%2F%2Fscemga.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=ashcdn.com&aggr=3&seqid=0&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0
35.190.41.116204 No Content 0 B URL HTTP/2 youradexchange.com/script/suurl4.php?r=6021558&atag=1&czid=tzvkjx4zym&cbur=0.9080279024068891&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=SCEMGA&cbpage=https%3A%2F%2Fscemga.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=ashcdn.com&aggr=3&seqid=0&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0
IP 35.190.41.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/suurl4.php?r=6021558&atag=1&czid=tzvkjx4zym&cbur=0.9080279024068891&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=SCEMGA&cbpage=https%3A%2F%2Fscemga.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=ashcdn.com&aggr=3&seqid=0&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: openresty
date: Fri, 09 Sep 2022 20:25:31 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
youradexchange.com/script/push.php?r=6021554&ipp=1&mads=2&position=top&czid=tzvkjx4zym&aggr=3&atag=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cbpage=https%3A%2F%2Fscemga.com%2F&cbref=
35.190.41.116204 No Content 39 kB URL HTTP/2 youradexchange.com/script/push.php?r=6021554&ipp=1&mads=2&position=top&czid=tzvkjx4zym&aggr=3&atag=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cbpage=https%3A%2F%2Fscemga.com%2F&cbref=
IP 35.190.41.116:0
Hash 2e3e073989c0c95adbd73e8c3b148775
6e3b8907c26ed65d1940c398eb3d0f9da2f27ad7
12896d2b2660ce9810e6ee0f3cb1b16fb4805ac61bb4a24610c1bda2cca277ae
GET /script/push.php?r=6021554&ipp=1&mads=2&position=top&czid=tzvkjx4zym&aggr=3&atag=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cbpage=https%3A%2F%2Fscemga.com%2F&cbref= HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: openresty
date: Fri, 09 Sep 2022 20:25:31 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-LR61DG565G>m=2oe970&_p=1022542686&cid=1164768431.1662755122&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662755122&sct=1&seg=0&dl=https%3A%2F%2Fscemga.com%2F&dt=SCEMGA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LR61DG565G>m=2oe970&_p=1022542686&cid=1164768431.1662755122&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662755122&sct=1&seg=0&dl=https%3A%2F%2Fscemga.com%2F&dt=SCEMGA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LR61DG565G>m=2oe970&_p=1022542686&cid=1164768431.1662755122&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662755122&sct=1&seg=0&dl=https%3A%2F%2Fscemga.com%2F&dt=SCEMGA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://scemga.com
date: Fri, 09 Sep 2022 20:25:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
diminutioneconomy.com/ntv.json?key=79058c42da72db7016303f55ac74fc51&vstc=3&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22a%22%7D
173.233.139.164200 OK 13 kB URL HTTP/1.1 diminutioneconomy.com/ntv.json?key=79058c42da72db7016303f55ac74fc51&vstc=3&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22a%22%7D
IP 173.233.139.164:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (13108), with no line terminators
Hash 9b40fee416af3563a431edee461083e3
88a293ed8f09175cc445912e75a225e63ca59b51
223149ecde4c4607f144546e213095ad5a2351fdb705eff4518ebd9c8c40fee6
GET /ntv.json?key=79058c42da72db7016303f55ac74fc51&vstc=3&uuid=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22a%22%7D HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: application/json
Content-Length: 13109
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16437760; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; expires=Fri, 16 Sep 2022 20:25:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
uncs49=1; expires=Sat, 10 Sep 2022 20:25:31 GMT; secure; SameSite=None
nlec79058c42da72db7016303f55ac74fc51=[2229214,3637745,2106764]; expires=Fri, 09 Sep 2022 20:25:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b885375ee66dec94068f0ac96023acf6
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
45.133.44.10200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8
GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:31 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Sun, 11 Sep 2022 20:25:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
45.133.44.10200 OK 21 kB URL HTTP/2 cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919
GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:31 GMT
content-type: image/jpeg
content-length: 20566
server: nginx/1.17.6
last-modified: Thu, 01 Sep 2022 12:51:28 GMT
etag: "6310aad0-5056"
expires: Sun, 11 Sep 2022 20:25:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
45.133.44.10200 OK 29 kB URL HTTP/2 cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc
GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:31 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Sun, 11 Sep 2022 20:25:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
scemga.com/favicon.ico
162.0.232.190404 Not Found 1.2 kB IP 162.0.232.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://scemga.com/
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=60be688f-19a7-4689-94ed-5c305201ffca%3A3%3A1; _ga_LR61DG565G=GS1.1.1662755122.1.0.1662755122.0.0.0; _ga=GA1.1.1164768431.1662755122
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 09 Sep 2022 20:25:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwYscRR%2BtzswHH3pRyUFRcRAVxexsd89M94w5BGNcCa7ZmCh6k%2Bqq6km51V1NVff0ZL0kBkIOHgY86annzSbRGET%2FAIPMBkSCQvq2B%2FfuUYQgnmTGxdHf5fdevXd49aquTosD4qKg%2B6fe0jtSKbrea7utF9%2F3vOOtTZkW49a4H3wQdI%2B3zOiVQdB2X2q9Idi2Xvddz3U912ttSCNiPV5fiJDZ7YHXHrjtrt%2F2el2MzX%2B5LRxY6oCPDshjkLxu3nWOQrI50uSbU8Ju5zo79npSKJprgxG%2F%2BW66neoyRbKCsXEQpzcP3dD2%2FsYd6PT6Mi706B9jJGvi%2FHAHUXrzMCSi0e4yZ6QgUkT8YZSjOYSaQ9I5mL4Cye8TgHGc2UKa3DijTUkv%2Fq3ShVqT5oPfIcuaNH85ijT5%2BqSS49Z5rYpc6tRiHFeQ4znkcI6s2EO%2BcwSy3APLP4bkP5P1B5tIk90tqzQk338ucCMR9Pvxmjeg4Vo36A%2FWBl3B13qs4%2FZ814tjRpcFSTmHjOdQYgJqGyisg0I6KGIHReYg4fst5nle6HJG3f6AsQ4PRRRw16Nh7FHPDfoo2OIOE%2BTZBExNwMwlZObyF7wTik7EulOKbTmBKb6HvVDB8iZsXhPn7TFGvEIpCEpLUFKCUhKUOUE5qq5zZX1b3eDKFpF3uP3D3almOh9O6XWdD0VKptkBeXTZ4581wbbYb4UDt9dnXZ%2FT0OdR6HpBx%2B3EvR5lYTdmPQ9WVpD2CKh1sCNr8vhHLyOTNfnfsacR0T1YtQcmnwEtPNByFvou6IVZt%2B9iJ71lmUiGtM10Aq4rZHkT%2BUVnqg7IE8sUzzYOINi9E7eeuv1%2F74VfwUyFzFT4UN4lGKprs3O6JLvndGnJt1tZLhO5QxcvfT6nuWjcelNcLLXhp0%2FZyZevsoWwgLffETbfpCmX6dCSr05KzoXZ0IYJ8t1p%2B56Izhb2wsnCpEW2efa1jdNJZoS1UqdzUHl%2F6w8wWZPm5TvLL%2FzIT1chzRymqJAU98jhQOo9sOwSbLZKb3UDRq08UeagLKqZ8aPVoZIESqw4jSrYf%2FFohaf2GobGB82vIE0qjEyFkapA1QS2eGiWZ%2BbeiR8%2FW8zniFRjFinT2I2UUZ8uq61JePm3mrSe%2FwRW7rfCTselwaDnhSEVYdT1%2B3HgcUr9buAHAe0gtzV7cnr8LwAAAP%2F%2FAQAA%2F%2F%2BsX5wVlwQAAA%3D%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwYscRR%2BtzswHH3pRyUFRcRAVxexsd89M94w5BGNcCa7ZmCh6k%2Bqq6km51V1NVff0ZL0kBkIOHgY86annzSbRGET%2FAIPMBkSCQvq2B%2FfuUYQgnmTGxdHf5fdevXd49aquTosD4qKg%2B6fe0jtSKbrea7utF9%2F3vOOtTZkW49a4H3wQdI%2B3zOiVQdB2X2q9Idi2Xvddz3U912ttSCNiPV5fiJDZ7YHXHrjtrt%2F2el2MzX%2B5LRxY6oCPDshjkLxu3nWOQrI50uSbU8Ju5zo79npSKJprgxG%2F%2BW66neoyRbKCsXEQpzcP3dD2%2FsYd6PT6Mi706B9jJGvi%2FHAHUXrzMCSi0e4yZ6QgUkT8YZSjOYSaQ9I5mL4Cye8TgHGc2UKa3DijTUkv%2Fq3ShVqT5oPfIcuaNH85ijT5%2BqSS49Z5rYpc6tRiHFeQ4znkcI6s2EO%2BcwSy3APLP4bkP5P1B5tIk90tqzQk338ucCMR9Pvxmjeg4Vo36A%2FWBl3B13qs4%2FZ814tjRpcFSTmHjOdQYgJqGyisg0I6KGIHReYg4fst5nle6HJG3f6AsQ4PRRRw16Nh7FHPDfoo2OIOE%2BTZBExNwMwlZObyF7wTik7EulOKbTmBKb6HvVDB8iZsXhPn7TFGvEIpCEpLUFKCUhKUOUE5qq5zZX1b3eDKFpF3uP3D3almOh9O6XWdD0VKptkBeXTZ4581wbbYb4UDt9dnXZ%2FT0OdR6HpBx%2B3EvR5lYTdmPQ9WVpD2CKh1sCNr8vhHLyOTNfnfsacR0T1YtQcmnwEtPNByFvou6IVZt%2B9iJ71lmUiGtM10Aq4rZHkT%2BUVnqg7IE8sUzzYOINi9E7eeuv1%2F74VfwUyFzFT4UN4lGKprs3O6JLvndGnJt1tZLhO5QxcvfT6nuWjcelNcLLXhp0%2FZyZevsoWwgLffETbfpCmX6dCSr05KzoXZ0IYJ8t1p%2B56Izhb2wsnCpEW2efa1jdNJZoS1UqdzUHl%2F6w8wWZPm5TvLL%2FzIT1chzRymqJAU98jhQOo9sOwSbLZKb3UDRq08UeagLKqZ8aPVoZIESqw4jSrYf%2FFohaf2GobGB82vIE0qjEyFkapA1QS2eGiWZ%2BbeiR8%2FW8zniFRjFinT2I2UUZ8uq61JePm3mrSe%2FwRW7rfCTselwaDnhSEVYdT1%2B3HgcUr9buAHAe0gtzV7cnr8LwAAAP%2F%2FAQAA%2F%2F%2BsX5wVlwQAAA%3D%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwYscRR%2BtzswHH3pRyUFRcRAVxexsd89M94w5BGNcCa7ZmCh6k%2Bqq6km51V1NVff0ZL0kBkIOHgY86annzSbRGET%2FAIPMBkSCQvq2B%2FfuUYQgnmTGxdHf5fdevXd49aquTosD4qKg%2B6fe0jtSKbrea7utF9%2F3vOOtTZkW49a4H3wQdI%2B3zOiVQdB2X2q9Idi2Xvddz3U912ttSCNiPV5fiJDZ7YHXHrjtrt%2F2el2MzX%2B5LRxY6oCPDshjkLxu3nWOQrI50uSbU8Ju5zo79npSKJprgxG%2F%2BW66neoyRbKCsXEQpzcP3dD2%2FsYd6PT6Mi706B9jJGvi%2FHAHUXrzMCSi0e4yZ6QgUkT8YZSjOYSaQ9I5mL4Cye8TgHGc2UKa3DijTUkv%2Fq3ShVqT5oPfIcuaNH85ijT5%2BqSS49Z5rYpc6tRiHFeQ4znkcI6s2EO%2BcwSy3APLP4bkP5P1B5tIk90tqzQk338ucCMR9Pvxmjeg4Vo36A%2FWBl3B13qs4%2FZ814tjRpcFSTmHjOdQYgJqGyisg0I6KGIHReYg4fst5nle6HJG3f6AsQ4PRRRw16Nh7FHPDfoo2OIOE%2BTZBExNwMwlZObyF7wTik7EulOKbTmBKb6HvVDB8iZsXhPn7TFGvEIpCEpLUFKCUhKUOUE5qq5zZX1b3eDKFpF3uP3D3almOh9O6XWdD0VKptkBeXTZ4581wbbYb4UDt9dnXZ%2FT0OdR6HpBx%2B3EvR5lYTdmPQ9WVpD2CKh1sCNr8vhHLyOTNfnfsacR0T1YtQcmnwEtPNByFvou6IVZt%2B9iJ71lmUiGtM10Aq4rZHkT%2BUVnqg7IE8sUzzYOINi9E7eeuv1%2F74VfwUyFzFT4UN4lGKprs3O6JLvndGnJt1tZLhO5QxcvfT6nuWjcelNcLLXhp0%2FZyZevsoWwgLffETbfpCmX6dCSr05KzoXZ0IYJ8t1p%2B56Izhb2wsnCpEW2efa1jdNJZoS1UqdzUHl%2F6w8wWZPm5TvLL%2FzIT1chzRymqJAU98jhQOo9sOwSbLZKb3UDRq08UeagLKqZ8aPVoZIESqw4jSrYf%2FFohaf2GobGB82vIE0qjEyFkapA1QS2eGiWZ%2BbeiR8%2FW8zniFRjFinT2I2UUZ8uq61JePm3mrSe%2FwRW7rfCTselwaDnhSEVYdT1%2B3HgcUr9buAHAe0gtzV7cnr8LwAAAP%2F%2FAQAA%2F%2F%2BsX5wVlwQAAA%3D%3D HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Cookie: u_pl=16437760; uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec79058c42da72db7016303f55ac74fc51=[2229214,3637745,2106764]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 20:25:31 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 30876b16538aa929d98b880f8bd1a6d1
Strict-Transport-Security: max-age=0; includeSubdomains
diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btye4Xvv64KDkoGhxEJcHsbHfPTPeMOQTjuhJck5goehCkuqp6ttzqrqaqe3qyXhIDkoPggCc99bzZJBoX0T%2FAIL0BkQVh%2B7YH9%2B5RxBw8yYyLq5%2FL57167%2FDqVX08yQ%2BIg5zur7yhN6VSdLnbcpon33XdM801meSj5qjnv%2B93zjTN8KW%2B33JONV8TbEMve47rOK7jNlelEZEeLc9EyHS777b6TqvjtdxuByPzX27zBixtgA8PyOOQvF683zgOySok8bcrwm5kOj39apwrmmmDIb%2FzdrKR6CJBfAQj00CU3Dl0Q9u91XvQya15XOjhP8ZQ1qTx4z2EyZ3DkAiHW%2FOcoYJIEPJHUAwrCFVB0gpM34DkewRgHBcuIolvX9CmoFf%2FVulMrcnig98hi5os%2FnIcSfzNOSVHzSta5ZnUicUoKiFHFeSgQprvINs8BlnsgGUfQfKfyfKDNSTx1kWrNCTff853QuH3etGS26fBUsfv9Zf6HcGXuqztdD3HjSJG5wVJWUFGFZQYg9oF5LaBXDaQRw3kaQMx328y13UDhzPq9PqMtXkgQp87Lg0il7qO30POZncYI0vHYGoMZq4hNde%2F5O1AtEPWmVBsyDFM%2FgPsegnLF2GzmjTeHGHISxSCoLAEBSUoJEGRERTD8hZX1rPlba5sHrqH2zvc7XKqs8GE3tLZQCRkkh6Qx%2BY9%2FlkTbIj9ZtB3uj3W8TgNPB4Gjuu3nXbU7VIWdCLWdWFlCWmPgdoGNmVNnvjwRaSyJv87fQIh3YFVO2DyGdDcBS2mgeeArk87PQebyV3LRDygLaZjcF0izRaRXW1M1AF5cp4iuP4bBNs9u33yj%2BrT906BmRKpKfGBvE8wUDenl3VBti7rwpLvLqaZjOUmnb30lYxmYuHu6%2BJqoQ0%2Fv2LHX73MZsIMbr8lbLZGEy6TgSVfn5OcC7OqDRPk%2B%2FP2HRFeyu36udwkebp26ZXV83FqhLVSJxWo3Hu0ApM1eWh3Zf6FT6yuQ5oKJi8R57vkcCD1Dlh6DTbdPXv36e3%2Fuy%2F8CqsXYNSRJ0yPocjLqfHCo0MlCZQ44jQsYf%2FFwyM8sTcxMB5odgNJXGJoSgxVCarGsPnD0yw1u2d%2F%2Bnw2XyBUC9NQmYWtUBn1WU2eXTiY91uT5vOfwMr9ZtBuO9Tvd90goCIIO14v8l1OqdfxPd%2BnbWS2Zk9NzvwFAAD%2F%2FwEAAP%2F%2FCU1Z0ZcEAAA%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btye4Xvv64KDkoGhxEJcHsbHfPTPeMOQTjuhJck5goehCkuqp6ttzqrqaqe3qyXhIDkoPggCc99bzZJBoX0T%2FAIL0BkQVh%2B7YH9%2B5RxBw8yYyLq5%2FL57167%2FDqVX08yQ%2BIg5zur7yhN6VSdLnbcpon33XdM801meSj5qjnv%2B93zjTN8KW%2B33JONV8TbEMve47rOK7jNlelEZEeLc9EyHS777b6TqvjtdxuByPzX27zBixtgA8PyOOQvF683zgOySok8bcrwm5kOj39apwrmmmDIb%2FzdrKR6CJBfAQj00CU3Dl0Q9u91XvQya15XOjhP8ZQ1qTx4z2EyZ3DkAiHW%2FOcoYJIEPJHUAwrCFVB0gpM34DkewRgHBcuIolvX9CmoFf%2FVulMrcnig98hi5os%2FnIcSfzNOSVHzSta5ZnUicUoKiFHFeSgQprvINs8BlnsgGUfQfKfyfKDNSTx1kWrNCTff853QuH3etGS26fBUsfv9Zf6HcGXuqztdD3HjSJG5wVJWUFGFZQYg9oF5LaBXDaQRw3kaQMx328y13UDhzPq9PqMtXkgQp87Lg0il7qO30POZncYI0vHYGoMZq4hNde%2F5O1AtEPWmVBsyDFM%2FgPsegnLF2GzmjTeHGHISxSCoLAEBSUoJEGRERTD8hZX1rPlba5sHrqH2zvc7XKqs8GE3tLZQCRkkh6Qx%2BY9%2FlkTbIj9ZtB3uj3W8TgNPB4Gjuu3nXbU7VIWdCLWdWFlCWmPgdoGNmVNnvjwRaSyJv87fQIh3YFVO2DyGdDcBS2mgeeArk87PQebyV3LRDygLaZjcF0izRaRXW1M1AF5cp4iuP4bBNs9u33yj%2BrT906BmRKpKfGBvE8wUDenl3VBti7rwpLvLqaZjOUmnb30lYxmYuHu6%2BJqoQ0%2Fv2LHX73MZsIMbr8lbLZGEy6TgSVfn5OcC7OqDRPk%2B%2FP2HRFeyu36udwkebp26ZXV83FqhLVSJxWo3Hu0ApM1eWh3Zf6FT6yuQ5oKJi8R57vkcCD1Dlh6DTbdPXv36e3%2Fuy%2F8CqsXYNSRJ0yPocjLqfHCo0MlCZQ44jQsYf%2FFwyM8sTcxMB5odgNJXGJoSgxVCarGsPnD0yw1u2d%2F%2Bnw2XyBUC9NQmYWtUBn1WU2eXTiY91uT5vOfwMr9ZtBuO9Tvd90goCIIO14v8l1OqdfxPd%2BnbWS2Zk9NzvwFAAD%2F%2FwEAAP%2F%2FCU1Z0ZcEAAA%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btye4Xvv64KDkoGhxEJcHsbHfPTPeMOQTjuhJck5goehCkuqp6ttzqrqaqe3qyXhIDkoPggCc99bzZJBoX0T%2FAIL0BkQVh%2B7YH9%2B5RxBw8yYyLq5%2FL57167%2FDqVX08yQ%2BIg5zur7yhN6VSdLnbcpon33XdM801meSj5qjnv%2B93zjTN8KW%2B33JONV8TbEMve47rOK7jNlelEZEeLc9EyHS777b6TqvjtdxuByPzX27zBixtgA8PyOOQvF683zgOySok8bcrwm5kOj39apwrmmmDIb%2FzdrKR6CJBfAQj00CU3Dl0Q9u91XvQya15XOjhP8ZQ1qTx4z2EyZ3DkAiHW%2FOcoYJIEPJHUAwrCFVB0gpM34DkewRgHBcuIolvX9CmoFf%2FVulMrcnig98hi5os%2FnIcSfzNOSVHzSta5ZnUicUoKiFHFeSgQprvINs8BlnsgGUfQfKfyfKDNSTx1kWrNCTff853QuH3etGS26fBUsfv9Zf6HcGXuqztdD3HjSJG5wVJWUFGFZQYg9oF5LaBXDaQRw3kaQMx328y13UDhzPq9PqMtXkgQp87Lg0il7qO30POZncYI0vHYGoMZq4hNde%2F5O1AtEPWmVBsyDFM%2FgPsegnLF2GzmjTeHGHISxSCoLAEBSUoJEGRERTD8hZX1rPlba5sHrqH2zvc7XKqs8GE3tLZQCRkkh6Qx%2BY9%2FlkTbIj9ZtB3uj3W8TgNPB4Gjuu3nXbU7VIWdCLWdWFlCWmPgdoGNmVNnvjwRaSyJv87fQIh3YFVO2DyGdDcBS2mgeeArk87PQebyV3LRDygLaZjcF0izRaRXW1M1AF5cp4iuP4bBNs9u33yj%2BrT906BmRKpKfGBvE8wUDenl3VBti7rwpLvLqaZjOUmnb30lYxmYuHu6%2BJqoQ0%2Fv2LHX73MZsIMbr8lbLZGEy6TgSVfn5OcC7OqDRPk%2B%2FP2HRFeyu36udwkebp26ZXV83FqhLVSJxWo3Hu0ApM1eWh3Zf6FT6yuQ5oKJi8R57vkcCD1Dlh6DTbdPXv36e3%2Fuy%2F8CqsXYNSRJ0yPocjLqfHCo0MlCZQ44jQsYf%2FFwyM8sTcxMB5odgNJXGJoSgxVCarGsPnD0yw1u2d%2F%2Bnw2XyBUC9NQmYWtUBn1WU2eXTiY91uT5vOfwMr9ZtBuO9Tvd90goCIIO14v8l1OqdfxPd%2BnbWS2Zk9NzvwFAAD%2F%2FwEAAP%2F%2FCU1Z0ZcEAAA%3D HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Cookie: u_pl=16437760; uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec79058c42da72db7016303f55ac74fc51=[2229214,3637745,2106764]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 20:25:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9cd42b617b9f3246b920b1043b706a3
Strict-Transport-Security: max-age=0; includeSubdomains
diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwYscRR%2BtzswHH3oQJQdFxUFUFLOz3T0z3TPmEIxxJbhmY6LoTaqrqiflVnc1Vd3Tk%2FWSGJAcPAx40lPPm02iMQT9AwwyGxAJCOnbHty7RxGCeJKZLI7%2BLr%2F36r3Dq1f12bQ4IC4Kun%2FqHb0jlaLrvbbbevlDzzve2pRpMW6N%2B8FHQfd4y4xeGwRt95XWW4Jt63Xf9VzXc73WhjQi1uP1hQiZ3Rp47YHb7vptr9fF2PyX28KBpQ746IA8Acnr5l3nKCSbI02%2BOyXsdq6zY28mhaK5NhjxG%2B%2Bn26kuUyQrGBsHcXrj0A1t72%2FcgU6vLeNCj%2F4xRrImzk93EKU3DkMiGu0uc0YKIkXEH0U5mkOoOSSdg%2BkrkPw%2BARjHmS2kyfUz2pT04kOVLtSaNB%2F8AVnWpPnrUaTJ7ZNKjlvntSpyqVOLcVxBjueQwzmyYg%2F5zhHIcg8s%2FxSS%2F0LWH2wiTXa3rNKQfP%2BFwI1E0O%2FHa96AhmvdoD9YG3QFX%2BuxjtvzXS%2BOGV0WJOUcMp5DiQmobaCwDgrpoIgdFJmDhO%2B3mOd5ocsZdfsDxjo8FFHAXY%2BGsUc9N%2BijYIs7TJBnEzA1ATOXkJnLX%2FNOKDoR604ptuUEpvgR9kIFy5uweU2cd8cY8QqlICgtQUkJSklQ5gTlqLrGlfVtdZ0rW0Te4fYPd6ea6Xw4pdd0PhQpmWYH5PFlj3%2FVBNtivxUO3F6fdX1OQ59HoesFHbcT93qUhd2Y9TxYWUHaI6DWwY6syZOfvIpM1uR%2Fx55FRPdg1R6YfA608EDLWei7oBdm3b6LnfSmZSIZ0jbTCbiukOVN5BedqTogTy1TtF78HILdO3HzmVv%2F9176DcxUyEyFj%2BVdgqG6OjunS7J7TpeWfL%2BV5TKRO3Tx0udzmovGzbfFxVIbfvqUnXzzOlsIC3jrPWHzTZpymQ4t%2Bfak5FyYDW2YID%2Bcth%2BI6GxhL5wsTFpkm2ff2DidZEZYK3U6B5X3t%2F4EkzVpXr6z%2FMKP1bchzRymqJAU98jhQOo9sOwSbLZKb3UDRq08UdZAWVQz40erQyUJlFhxGlWw%2F%2BLRCk%2FtVQyND5pfQZpUGJkKI1WBqgls8cgsz8y9Ez9%2FuZivEKnGLFKmsRspo76oyfONg5qEl39%2FWLKV%2B62w03FpMOh5YUhFGHX9fhx4nFK%2FG%2FhBQDvIbc2enh7%2FGwAA%2F%2F8BAAD%2F%2F4dFFXaXBAAA
173.233.139.164200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwYscRR%2BtzswHH3oQJQdFxUFUFLOz3T0z3TPmEIxxJbhmY6LoTaqrqiflVnc1Vd3Tk%2FWSGJAcPAx40lPPm02iMQT9AwwyGxAJCOnbHty7RxGCeJKZLI7%2BLr%2F36r3Dq1f12bQ4IC4Kun%2FqHb0jlaLrvbbbevlDzzve2pRpMW6N%2B8FHQfd4y4xeGwRt95XWW4Jt63Xf9VzXc73WhjQi1uP1hQiZ3Rp47YHb7vptr9fF2PyX28KBpQ746IA8Acnr5l3nKCSbI02%2BOyXsdq6zY28mhaK5NhjxG%2B%2Bn26kuUyQrGBsHcXrj0A1t72%2FcgU6vLeNCj%2F4xRrImzk93EKU3DkMiGu0uc0YKIkXEH0U5mkOoOSSdg%2BkrkPw%2BARjHmS2kyfUz2pT04kOVLtSaNB%2F8AVnWpPnrUaTJ7ZNKjlvntSpyqVOLcVxBjueQwzmyYg%2F5zhHIcg8s%2FxSS%2F0LWH2wiTXa3rNKQfP%2BFwI1E0O%2FHa96AhmvdoD9YG3QFX%2BuxjtvzXS%2BOGV0WJOUcMp5DiQmobaCwDgrpoIgdFJmDhO%2B3mOd5ocsZdfsDxjo8FFHAXY%2BGsUc9N%2BijYIs7TJBnEzA1ATOXkJnLX%2FNOKDoR604ptuUEpvgR9kIFy5uweU2cd8cY8QqlICgtQUkJSklQ5gTlqLrGlfVtdZ0rW0Te4fYPd6ea6Xw4pdd0PhQpmWYH5PFlj3%2FVBNtivxUO3F6fdX1OQ59HoesFHbcT93qUhd2Y9TxYWUHaI6DWwY6syZOfvIpM1uR%2Fx55FRPdg1R6YfA608EDLWei7oBdm3b6LnfSmZSIZ0jbTCbiukOVN5BedqTogTy1TtF78HILdO3HzmVv%2F9176DcxUyEyFj%2BVdgqG6OjunS7J7TpeWfL%2BV5TKRO3Tx0udzmovGzbfFxVIbfvqUnXzzOlsIC3jrPWHzTZpymQ4t%2Bfak5FyYDW2YID%2Bcth%2BI6GxhL5wsTFpkm2ff2DidZEZYK3U6B5X3t%2F4EkzVpXr6z%2FMKP1bchzRymqJAU98jhQOo9sOwSbLZKb3UDRq08UdZAWVQz40erQyUJlFhxGlWw%2F%2BLRCk%2FtVQyND5pfQZpUGJkKI1WBqgls8cgsz8y9Ez9%2FuZivEKnGLFKmsRspo76oyfONg5qEl39%2FWLKV%2B62w03FpMOh5YUhFGHX9fhx4nFK%2FG%2FhBQDvIbc2enh7%2FGwAA%2F%2F8BAAD%2F%2F4dFFXaXBAAA
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwYscRR%2BtzswHH3oQJQdFxUFUFLOz3T0z3TPmEIxxJbhmY6LoTaqrqiflVnc1Vd3Tk%2FWSGJAcPAx40lPPm02iMQT9AwwyGxAJCOnbHty7RxGCeJKZLI7%2BLr%2F36r3Dq1f12bQ4IC4Kun%2FqHb0jlaLrvbbbevlDzzve2pRpMW6N%2B8FHQfd4y4xeGwRt95XWW4Jt63Xf9VzXc73WhjQi1uP1hQiZ3Rp47YHb7vptr9fF2PyX28KBpQ746IA8Acnr5l3nKCSbI02%2BOyXsdq6zY28mhaK5NhjxG%2B%2Bn26kuUyQrGBsHcXrj0A1t72%2FcgU6vLeNCj%2F4xRrImzk93EKU3DkMiGu0uc0YKIkXEH0U5mkOoOSSdg%2BkrkPw%2BARjHmS2kyfUz2pT04kOVLtSaNB%2F8AVnWpPnrUaTJ7ZNKjlvntSpyqVOLcVxBjueQwzmyYg%2F5zhHIcg8s%2FxSS%2F0LWH2wiTXa3rNKQfP%2BFwI1E0O%2FHa96AhmvdoD9YG3QFX%2BuxjtvzXS%2BOGV0WJOUcMp5DiQmobaCwDgrpoIgdFJmDhO%2B3mOd5ocsZdfsDxjo8FFHAXY%2BGsUc9N%2BijYIs7TJBnEzA1ATOXkJnLX%2FNOKDoR604ptuUEpvgR9kIFy5uweU2cd8cY8QqlICgtQUkJSklQ5gTlqLrGlfVtdZ0rW0Te4fYPd6ea6Xw4pdd0PhQpmWYH5PFlj3%2FVBNtivxUO3F6fdX1OQ59HoesFHbcT93qUhd2Y9TxYWUHaI6DWwY6syZOfvIpM1uR%2Fx55FRPdg1R6YfA608EDLWei7oBdm3b6LnfSmZSIZ0jbTCbiukOVN5BedqTogTy1TtF78HILdO3HzmVv%2F9176DcxUyEyFj%2BVdgqG6OjunS7J7TpeWfL%2BV5TKRO3Tx0udzmovGzbfFxVIbfvqUnXzzOlsIC3jrPWHzTZpymQ4t%2Bfak5FyYDW2YID%2Bcth%2BI6GxhL5wsTFpkm2ff2DidZEZYK3U6B5X3t%2F4EkzVpXr6z%2FMKP1bchzRymqJAU98jhQOo9sOwSbLZKb3UDRq08UdZAWVQz40erQyUJlFhxGlWw%2F%2BLRCk%2FtVQyND5pfQZpUGJkKI1WBqgls8cgsz8y9Ez9%2FuZivEKnGLFKmsRspo76oyfONg5qEl39%2FWLKV%2B62w03FpMOh5YUhFGHX9fhx4nFK%2FG%2FhBQDvIbc2enh7%2FGwAA%2F%2F8BAAD%2F%2F4dFFXaXBAAA HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Cookie: u_pl=16437760; uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec79058c42da72db7016303f55ac74fc51=[2229214,3637745,2106764]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 20:25:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e39be9170095f52f5fc6ddd71637a93a
Strict-Transport-Security: max-age=0; includeSubdomains
diminutioneconomy.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
173.233.139.164200 OK 29 kB URL HTTP/1.1 diminutioneconomy.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash d3115b2de8763d321c1aceef8a64ef62
ba66f1fa40053f0efb3bbb90e664ba20ae161723
3585675a5f47c867150ec0ce0e380fa6fb41797267931dec0de4de338b5fd8f4
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Cookie: u_pl=16437760; uid_id2=60be688f-19a7-4689-94ed-5c305201ffca:3:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec79058c42da72db7016303f55ac74fc51=[2229214,3637745,2106764]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 20:25:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 87b16a8a548141ff46e7045c7c98665f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
youradexchange.com/ad/czcf.php?cz=tzvkjx4zym
35.190.41.116200 OK 645 B URL HTTP/2 youradexchange.com/ad/czcf.php?cz=tzvkjx4zym
IP 35.190.41.116:0
Hash b9adfc438c7b42d5b93c3c2f09b0b6b3
db36a6654a496093e69932616c1c6d006e622362
613efc57384d282941e923f07b2f442bb8bd2208bc7aac2bf8e1dd4f855f1e98
GET /ad/czcf.php?cz=tzvkjx4zym HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 20:25:31 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb260f695580f58c6e36d3b8079c85cd
2f38fcf0b1ce3460a59fa60f3d458f71397db491
512582d966d42131bc95e57e129eb31306f3d198f9bce10ccd46e34fd9afb88b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "512582D966D42131BC95E57E129EB31306F3D198F9BCE10CCD46E34FD9AFB88B"
Last-Modified: Wed, 07 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3643
Expires: Fri, 09 Sep 2022 21:26:15 GMT
Date: Fri, 09 Sep 2022 20:25:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d48f198d88d137119adc51c8da2f398a
2eeab0a581a7f899201fbec3f8e309332a7b4b34
79e789ece961100679838654a3e2c2eaefaaad0481686d44b96ed83c94386b83
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79E789ECE961100679838654A3E2C2EAEFAAAD0481686D44B96ED83C94386B83"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13280
Expires: Sat, 10 Sep 2022 00:06:52 GMT
Date: Fri, 09 Sep 2022 20:25:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29ed18931467e0c214b5e11f62526e0d
f74327003408cfc636f227c0544a5515c5c88698
9e38f2d1e2c14a729126101d6ac73e8c4afa68af5b02ffc26016c2e33ba9ed85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E38F2D1E2C14A729126101D6AC73E8C4AFA68AF5B02FFC26016C2E33BA9ED85"
Last-Modified: Thu, 08 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12195
Expires: Fri, 09 Sep 2022 23:48:47 GMT
Date: Fri, 09 Sep 2022 20:25:32 GMT
Connection: keep-alive
reapinject.com/pixel/purst?dl=0&th=0&sc=0&rs=7048&rd=7048&fd=398&bv=22.8.v.2&tmpl=136
173.233.137.44502 Bad Gateway 157 B URL HTTP/1.1 reapinject.com/pixel/purst?dl=0&th=0&sc=0&rs=7048&rd=7048&fd=398&bv=22.8.v.2&tmpl=136
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d41a93f6d3a61aa8e32d7a0afcfbb2d0
77718bef53accc9fd03bea992dc25e4086a17d50
3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=7048&rd=7048&fd=398&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 20:25:32 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
addresseepaper.com/sfp.js
104.21.234.254200 OK 23 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.234.254:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 22d0be38cff37c2a380b8d37351ac495
92d8c874ea32e8a72d42338358e8ee973c4da1f0
e9f42bbe705429c897274d46011313905f41a829c154581a9b2185441662dbd3
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 55774a5ee6df373e70a25367f6c42746
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 09 Sep 2022 20:25:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwNyokZOiP5yBsHXNkZVWn6UALUGAI6I5vTD%2FbDphW58y9ETopRKyG9SgLpVBA3Cv04indXrfEVvreRL0E6oi2nNy5ZhYarFxGwSju4woqYC%2Beknswu6rLf5XdJ1SZhCj0EINDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7482a759bd367759-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
youradexchange.com/n/display.php?r=6021550&seqid=0&cbpage=https://scemga.com/&cbref=&cdn=1&atag=1&czid=tzvkjx4zym&aggr=3&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0
35.190.41.116204 No Content 0 B URL HTTP/2 youradexchange.com/n/display.php?r=6021550&seqid=0&cbpage=https://scemga.com/&cbref=&cdn=1&atag=1&czid=tzvkjx4zym&aggr=3&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0
IP 35.190.41.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /n/display.php?r=6021550&seqid=0&cbpage=https://scemga.com/&cbref=&cdn=1&atag=1&czid=tzvkjx4zym&aggr=3&ab_test=AdOpt_B_nocapping-2021-12-08v1&cap=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: openresty
date: Fri, 09 Sep 2022 20:25:33 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
acdcdn.com/script/atg.js
104.21.6.66200 OK 0 B IP 104.21.6.66:0
GET /script/atg.js HTTP/1.1
Host: acdcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:27 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsYeMqd1h5xQQ8mpDKYtDFSfEcoFRndqO0Lhz4JeNqWUKIBGJyxBwgvyViDBSmCnx5pT9AlBOBILkVPdquixeyLvaL45rUd
x-goog-generation: 1662291096576502
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 97006
x-goog-hash: crc32c=cP6rPg==, md5=cHzYdZFLhO0KtH/SFwBqJw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 09 Sep 2022 21:22:33 GMT
cache-control: public, max-age=14400
age: 174
last-modified: Sun, 04 Sep 2022 11:31:36 GMT
etag: W/"707cd875914b84ed0ab47fd217006a27"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6fUKVnf%2F0uKq5tEF7ovGg1ToeHubeftKEGSx8vXox6495G4Ldp%2FYQlljCuwpfLkU9900QiEF0LVhh20UH0TaMyJ6xgrSdFAjR8hLdC5JI6yb%2BiWU9B7jT%2FQYRhD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7482a73d0c491c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
asacdn.com/script/atg.js
172.67.201.216200 OK 0 B IP 172.67.201.216:0
GET /script/atg.js HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:27 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsYeMqd1h5xQQ8mpDKYtDFSfEcoFRndqO0Lhz4JeNqWUKIBGJyxBwgvyViDBSmCnx5pT9AlBOBILkVPdquixeyLvaL45rUd
x-goog-generation: 1662291096576502
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 97006
x-goog-hash: crc32c=cP6rPg==, md5=cHzYdZFLhO0KtH/SFwBqJw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 09 Sep 2022 21:22:33 GMT
cache-control: public, max-age=14400
age: 89
last-modified: Sun, 04 Sep 2022 11:31:36 GMT
etag: W/"707cd875914b84ed0ab47fd217006a27"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JT6eJNQTk961KS94FfZkIcrVFhCnDsBqgeM1d533vIKFl47VuJ3F%2Fb2A0bChyAdMXXkBI4HPwDO1w8TOw5OWVT2%2FCTlmdsl3It0hRrFjPhwfK3WtNSlOcP68qHP5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7482a73d0db7b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ashcdn.com/script/atg.js
172.67.173.137200 OK 0 B IP 172.67.173.137:0
GET /script/atg.js HTTP/1.1
Host: ashcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 20:25:27 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsYeMqd1h5xQQ8mpDKYtDFSfEcoFRndqO0Lhz4JeNqWUKIBGJyxBwgvyViDBSmCnx5pT9AlBOBILkVPdquixeyLvaL45rUd
x-goog-generation: 1662291096576502
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 97006
x-goog-hash: crc32c=cP6rPg==, md5=cHzYdZFLhO0KtH/SFwBqJw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 09 Sep 2022 20:20:09 GMT
cache-control: public, max-age=14400
age: 680
last-modified: Sun, 04 Sep 2022 11:31:36 GMT
etag: W/"707cd875914b84ed0ab47fd217006a27"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZCCxFexHdYmraJTEeTOkxn2vd8fOvmIaP%2BTiQRHaqjBusyZZejYpLCGrYhTmlRjoCZuLSCoKChP%2FSebv6eRHhrQE%2BtGCskb43%2BqpLXp8FBffhlVoF4DRZEJPDVF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7482a73d0d2ab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scemga.com/video/keyboard.mp4
162.0.232.190206 Partial Content 0 B URL HTTP/2 scemga.com/video/keyboard.mp4
IP 162.0.232.190:0
GET /video/keyboard.mp4 HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://scemga.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Fri, 09 Sep 2022 15:33:28 GMT
content-range: bytes 0-878180/878181
content-length: 878181
date: Fri, 09 Sep 2022 20:25:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
lightingstipulate.com/79058c42da72db7016303f55ac74fc51/invoke.js
192.243.59.12200 OK 0 B URL HTTP/1.1 lightingstipulate.com/79058c42da72db7016303f55ac74fc51/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /79058c42da72db7016303f55ac74fc51/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 20:25:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c7f8b639f3d5e827c0475d7eb5eb2732
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip