linkfly.to/vidwo8d?_branch_match_id=1097963025624620187&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN00szzfXSywo0MvJzMvWDwgPjTDI8KtML0kCAJy9jaUiAAAA
172.67.148.232301 Moved Permanently 0 B URL HTTP/1.1 linkfly.to/vidwo8d?_branch_match_id=1097963025624620187&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN00szzfXSywo0MvJzMvWDwgPjTDI8KtML0kCAJy9jaUiAAAA
IP 172.67.148.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vidwo8d?_branch_match_id=1097963025624620187&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN00szzfXSywo0MvJzMvWDwgPjTDI8KtML0kCAJy9jaUiAAAA HTTP/1.1
Host: linkfly.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 12 Sep 2022 20:04:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 21:04:05 GMT
Location: https://linkfly.to/vidwo8d?_branch_match_id=1097963025624620187&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN00szzfXSywo0MvJzMvWDwgPjTDI8KtML0kCAJy9jaUiAAAA
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyMIR0seL%2FRl5p%2FaePeAUyB8kh3LXXAolbS6%2BQDMfa8HM8qfVKODKnoBewbbMWF7MDGc6uwz49Zeol3Ri8azx2RKW%2B8QmBppAB8QSIBohn1ysxO7xIV96D4fX1k2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749b400d1c84b52d-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 19:08:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7maIfct6TN-pong387LVKh8UTTmmW9ifQdabcud3hHpHmrFj8lAGlA==
Age: 3347
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4120
Expires: Mon, 12 Sep 2022 21:12:45 GMT
Date: Mon, 12 Sep 2022 20:04:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Xlu_Bun9EihTHgXaYdtg_XTnVkEBWYf7xVzBE5bhOMxEAngDNhGwdA==
age: 46013
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 20:04:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 19:56:07 GMT
Expires: Mon, 12 Sep 2022 20:36:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zIwieae4chFsSPTKLQJDvetvk-PF5yuOXmgDlEFLk0woIbK8sI1THA==
Age: 478
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4589
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:04:06 GMT
Last-Modified: Mon, 12 Sep 2022 18:47:37 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b04d2ad6f3f2222a94ac97e6bd0a14aa
5ac023836b023a50598f4af71a200dab2017ece4
f3c38423138b30e0dbfa854103bbec5fb9b324b8a91cb91e9f61aa307450706f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 20:04:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 15:01:53 GMT
Expires: Thu, 15 Sep 2022 15:01:52 GMT
Etag: "5ac023836b023a50598f4af71a200dab2017ece4"
Cache-Control: max-age=240465,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749b401338090af6-OSL
linkfly.to/vidwo8d?_branch_match_id=1097963025624620187&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN00szzfXSywo0MvJzMvWDwgPjTDI8KtML0kCAJy9jaUiAAAA
104.21.39.217302 Found 1.9 kB URL HTTP/2 linkfly.to/vidwo8d?_branch_match_id=1097963025624620187&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN00szzfXSywo0MvJzMvWDwgPjTDI8KtML0kCAJy9jaUiAAAA
IP 104.21.39.217:0
Hash 4f4c25ec6b9b632fa32d7bd069b8a430
fd6a873495367e4e59f0942364d998c7b03fa3e0
90e8fd6a3094bb81499933eda85e411871b7cc0d2047c6cc90bb214bf8692089
GET /vidwo8d?_branch_match_id=1097963025624620187&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXN00szzfXSywo0MvJzMvWDwgPjTDI8KtML0kCAJy9jaUiAAAA HTTP/1.1
Host: linkfly.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 12 Sep 2022 20:04:05 GMT
content-type: text/html; charset=utf-8
location: https://scemga.com
x-frame-options: SAMEORIGIN
vary: Accept-Language
content-language: en
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS,DELETE
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJkWnatQkl6RUPi2f6ldR410wnMhBM9YjtDeRV6IKe8Cusi2pOCM5PfBG0edmhv1ZE678U0JQWGlANH5%2Byer8C3D49TE2R2VsFFtaEve%2BCvsBRgB6YQW%2BXbQ2f4B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749b400ebe4f1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PJzuD+0guVBTf5iaTCmeeg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Uct/CN74Aqexd5BumQ8adj/WC5E=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:04:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:04:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ff30dae5ba7732dd4088ec26f746075f
3bde4e7cc4c91bafefc2fe0caceb9c510350cc39
be71d0660a6cd7119459d95cd6ebba5823bf47f1ef5a6b642ee28c06b167fb8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE71D0660A6CD7119459D95CD6EBBA5823BF47F1EF5A6B642EE28C06B167FB8D"
Last-Modified: Sun, 11 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8814
Expires: Mon, 12 Sep 2022 22:31:00 GMT
Date: Mon, 12 Sep 2022 20:04:06 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-LR61DG565G
142.250.74.72200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LR61DG565G
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash 41354c1934fe904b4ba79a5689a1d7d9
efc69cbf02e85d0973cccca30448ac3a27d7c603
472550c201fb06ca320e198b21fd2df61d959015190831ddab2effb20a58d0b7
GET /gtag/js?id=G-LR61DG565G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 20:04:06 GMT
expires: Mon, 12 Sep 2022 20:04:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:04:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:04:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
scemga.com/css/video-js.css
162.0.232.190200 OK 9.5 kB URL HTTP/2 scemga.com/css/video-js.css
IP 162.0.232.190:0
File type ASCII text, with very long lines (5636)
Hash f7102e2d30f01f9a4de439e15e10a710
95bd7de9db2cc7c946c8a44bc903b159311659ea
55bfa37a7bb0139098fef27b8f1e94c88dfcf49babcc446487cdc5242ed32511
GET /css/video-js.css HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://scemga.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 19 Sep 2022 20:04:06 GMT
content-type: text/css
last-modified: Wed, 07 Nov 2018 23:58:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9453
date: Mon, 12 Sep 2022 20:04:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
scemga.com/css/estilos.css
162.0.232.190200 OK 515 B URL HTTP/2 scemga.com/css/estilos.css
IP 162.0.232.190:0
Hash 182325a44bd1f9850c9c73a197244dbf
d0e51cd90607416dd6b9f625b95bd8412d066b0e
d9fc608b7d1678a023676ab2c7fad5f844bc458b321b67260679163cf1c5ad3c
GET /css/estilos.css HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://scemga.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 19 Sep 2022 20:04:06 GMT
content-type: text/css
last-modified: Mon, 27 Jun 2022 01:40:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 515
date: Mon, 12 Sep 2022 20:04:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
counter9.stat.ovh/private/contadorvisitasgratis.php?c=p9tpjma4ce67tky621bm7rwdpq4m2xyc
37.187.129.45200 OK 4.7 kB URL HTTP/1.1 counter9.stat.ovh/private/contadorvisitasgratis.php?c=p9tpjma4ce67tky621bm7rwdpq4m2xyc
IP 37.187.129.45:0
File type PNG image data, 357 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d7bcb6be33ad6a209c0c615042e5029
e364320806bcdfa2e8f7b2d083dddfdfcd052618
a555c654a5c4002a3b5b22d74406f49a1966e8645a681bb3ecb76b59dd2dc256
GET /private/contadorvisitasgratis.php?c=p9tpjma4ce67tky621bm7rwdpq4m2xyc HTTP/1.1
Host: counter9.stat.ovh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 20:04:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/5.4.16
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4883787b7e994a8b281dcd6940065b2c
ae8bc94c6f526ba8f402f90a6752ee473cd3cfc8
61eb53f0d16fcb57155d873503cb3e2e91a6e3de33a24b59565a8ce6464bfe41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61EB53F0D16FCB57155D873503CB3E2E91A6E3DE33A24B59565A8CE6464BFE41"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21594
Expires: Tue, 13 Sep 2022 02:04:01 GMT
Date: Mon, 12 Sep 2022 20:04:07 GMT
Connection: keep-alive
lightingstipulate.com/79058c42da72db7016303f55ac74fc51/invoke.js
192.243.61.225200 OK 9.3 kB URL HTTP/1.1 lightingstipulate.com/79058c42da72db7016303f55ac74fc51/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25096), with no line terminators
Hash d8dfa387563260f248f027611a073390
84caa6e159731648f8c4af497e375d1bb675c736
1570eb7e793708fbc7a910da0147f6ba302aec8bf455680facaf8f54b899b4b7
Analyzer Verdict Alert quad9 Sinkholed
GET /79058c42da72db7016303f55ac74fc51/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a12c413020c2238b7d0936564dcdcd16
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
scemga.com/nube.png
162.0.232.190200 OK 20 kB IP 162.0.232.190:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 8579e1c93db46f448176ca50eb2f1e7a
b1497db18e40758ff0e534f33486996076e3039b
875afae48a726638ebfa37894858353b5e42364d6b9e18ba6c16d5d2577d335c
GET /nube.png HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://scemga.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 19 Sep 2022 20:04:03 GMT
content-type: image/png
last-modified: Mon, 12 Sep 2022 03:50:22 GMT
accept-ranges: bytes
content-length: 20155
date: Mon, 12 Sep 2022 20:04:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18869
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:04:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18869
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:04:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18869
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:04:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18869
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:04:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18869
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:04:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 22:16:58 GMT
age: 78429
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400
142.250.74.10200 OK 7.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400
IP 142.250.74.10:0
Hash 6c07dc736b8be526441ac73c892a8fc7
72a8afc26d0504ad672a59f3c079340f9a08439b
ad5265d8eccd6ce76540e4aa4930893a8b44e705e33700e8f1e1536ec9eeb143
GET /css?family=Open+Sans:300,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Sep 2022 20:04:06 GMT
date: Mon, 12 Sep 2022 20:04:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 04:04:42 GMT
age: 57565
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UxATqmWDCTwVqA3ORIXXObWZZj158TSRUoaAr48b08sxdAxBicw5zA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:27:45 GMT
age: 45382
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 80536
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PWOeca9JRnIgEymeLVyqTBucBJ0j6OS9Rmqwd4CcAKixqo0zvb452w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:48:14 GMT
age: 80153
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
scemga.com/js/video.js
162.0.232.190200 OK 388 kB IP 162.0.232.190:0
File type ASCII text, with very long lines (491)
Size 388 kB (387652 bytes)
Hash 7169837f02c644469e7713267d71d5f3
3ca313c80300ed53312e64e6fb9dff1224fb1824
d82160a0bc997978978b8d6d5524b3dc7e5814e469919a4028c517a9947546d8
GET /js/video.js HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://scemga.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 19 Sep 2022 20:04:06 GMT
content-type: application/javascript
last-modified: Wed, 07 Nov 2018 23:58:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 387652
date: Mon, 12 Sep 2022 20:04:06 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:04:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://scemga.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 08:31:01 GMT
expires: Wed, 06 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 559987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:04:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lightingstipulate.com/9935cef1b3bb2b1a4bb4c4b36a250640/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/9935cef1b3bb2b1a4bb4c4b36a250640/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 5c949fda31dad827adee517ccb1ea40c
d44fec9098cdda8ab2ae7de3d7533a8e0d5f5ffc
84ed58e5a2104af360972e38e7c7dbff0228b7d2ef17fb3ad74d0b0c4780dfb6
Analyzer Verdict Alert quad9 Sinkholed
GET /9935cef1b3bb2b1a4bb4c4b36a250640/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c5d426c0928e567d52f17655a501f9b1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 349efb77dc286c5653310b0358a6221c
b943ed167db03fc167d8811af5b227b2a9fb9191
4f24854f12c2afa74b77b523fa34a78cc756ead857140680c1e76eb7668305a7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 20:04:08 GMT
Last-Modified: Mon, 12 Sep 2022 18:25:04 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RM1FQhFmDnpxmqXpbCJXedeiCf9MCIlajPYK5dg12gs42-J_-knqPg==
Age: 5944
lightingstipulate.com/266a36cd73aff36a5161bebe0973d5be/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/266a36cd73aff36a5161bebe0973d5be/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26941), with no line terminators
Hash c66558bd1fed5ad6e66579044f0beb52
3c9048247e2d89390e41210afc052380df8cf618
2e34536e7fd2e98f651e4843b4c9b6901ebe8f3d448f9741696e56280691f754
Analyzer Verdict Alert quad9 Sinkholed
GET /266a36cd73aff36a5161bebe0973d5be/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 08ea8b23322d8886874f44b462ca6e0a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
52.28.172.243200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.172.243:0
File type ASCII text, with no line terminators
Hash ce15ce44b207e8bed18a9b5f651dacd6
25835992d9c0da9d2ed6842e9da2866618eeebdc
227abd718470dc3aaa74e2c185ef061254c6cc688269233dcc28095549d5f974
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://scemga.com
access-control-allow-credentials: true
set-cookie: uid_id2=a79572d6-e488-4ffa-af3d-329be5d67d1b:1:1; expires=Thu, 09 Sep 2032 20:04:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.172.243200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.172.243:0
File type ASCII text, with no line terminators
Hash 84607b8d7a9dc23235093c4bd0edaa48
98f991eba57457aa82a4a763b3cc252c494f15ef
1b2a6cc902d12a225a2a60651482ca877c6851a59611a43cdc37e5e41cee5f72
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://scemga.com
access-control-allow-credentials: true
set-cookie: uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; expires=Thu, 09 Sep 2032 20:04:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26937), with no line terminators
Hash 8b3e5bfb8c37c7933d1b1ade18460532
858b87dd635a1dc8a1ec1258230e9cb47a785bd9
8f09b22d90eb6fbde7a7cd8db5585991e8f831cd4f7f889c6ec34ee8108657b5
Analyzer Verdict Alert quad9 Sinkholed
GET /4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1caaeb4f356d5073a25a3b7bc2c5a5d1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26961), with no line terminators
Hash 352345af24046b67fb921c43bde72b06
3b35cf35236e203d0a8ab4f2dc4dbe7af42eda5e
e326853a87bafa2caa9f54645dd7b47432106355aace2e6de2a26ee49206b4ba
Analyzer Verdict Alert quad9 Sinkholed
GET /4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 424a05c6c49970b154f2807c5ae30a2b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b065ea0014fa40d876db87b6c7985b87
383158fd96fc2cbd7ee7a252489b34957697f2bf
36b2d1e08fbf924d8f196ba80e031f2f0e86d0725f0bf270ab4a4cf3734fb399
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B2D1E08FBF924D8F196BA80E031F2F0E86D0725F0BF270AB4A4CF3734FB399"
Last-Modified: Mon, 12 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3793
Expires: Mon, 12 Sep 2022 21:07:22 GMT
Date: Mon, 12 Sep 2022 20:04:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5dc25adbca638e4a493bb2f9bdccd722
18168b8a51f6ab9e331eade0e76cffeb649eaf4b
502928763c74d2aea7774a18a586c69b9c2d7a1cc50e276f1366abfc3473aaa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "502928763C74D2AEA7774A18A586C69B9C2D7A1CC50E276F1366ABFC3473AAA1"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5583
Expires: Mon, 12 Sep 2022 21:37:12 GMT
Date: Mon, 12 Sep 2022 20:04:09 GMT
Connection: keep-alive
lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26937), with no line terminators
Hash 8b3e5bfb8c37c7933d1b1ade18460532
858b87dd635a1dc8a1ec1258230e9cb47a785bd9
8f09b22d90eb6fbde7a7cd8db5585991e8f831cd4f7f889c6ec34ee8108657b5
Analyzer Verdict Alert quad9 Sinkholed
GET /4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 87ee11fcd4f156ad7d8334015f0bd091
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
scemga.com/video/keyboard.mp4
162.0.232.190206 Partial Content 49 kB URL HTTP/2 scemga.com/video/keyboard.mp4
IP 162.0.232.190:0
File type ISO Media, Apple QuickTime movie, Apple QuickTime (.MOV/QT)\012- data
Hash ca643c31925fe22bb4ee2a86c1ed39a9
cb617a3924a86206460b27d8b234b75af76d8c9b
36b1228252b447d642415dd74b6c3dbe9ff2e0cbc01360b43bdee1d9b24ec4b8
GET /video/keyboard.mp4 HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://scemga.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
last-modified: Sat, 10 Sep 2022 03:47:50 GMT
content-range: bytes 0-232157/232158
content-length: 232158
date: Mon, 12 Sep 2022 20:04:08 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 279e23966ec0a262edc36219bb30ee6c
147d0e5f83e627e5a8e09247bef080fadedeadd0
295d242f1b8c87609e303484b44114b2d21fdf4f8de8539f0876081eddd29231
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "295D242F1B8C87609E303484B44114B2D21FDF4F8DE8539F0876081EDDD29231"
Last-Modified: Sun, 11 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16677
Expires: Tue, 13 Sep 2022 00:42:06 GMT
Date: Mon, 12 Sep 2022 20:04:09 GMT
Connection: keep-alive
lockfireshimself.com/watch.710955423134.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=a79572d6-e488-4ffa-af3d-329be5d67d1b%3A1%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 lockfireshimself.com/watch.710955423134.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=a79572d6-e488-4ffa-af3d-329be5d67d1b%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.710955423134.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=a79572d6-e488-4ffa-af3d-329be5d67d1b%3A1%3A1 HTTP/1.1
Host: lockfireshimself.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://lockfireshimself.com/watch.710955423134.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=a79572d6-e488-4ffa-af3d-329be5d67d1b%3A1%3A1&shu=0d4f4a4ec56dd417a9187bdfc618db8e4cca372adf47fb594b4742205d4c2642b0b97fc546034dbc376488b7d9ab4519d3b7006179de4d83058c158f71b43ad20b29f4c9f5ec2502063be5405ed31b7d0bd709132320c4b3c349e9f3d747ae0dd4491f&pst=1663013109&rmtc=t
Set-Cookie: u_pl=16430306; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQzMDMwNiwiayI6Ijk5MzVjZWYxYjNiYjJiMWE0YmI0YzRiMzZhMjUwNjQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyNywicHQiOjQsInBrIjoibTR2NXpobWYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2NlbWdhLmNvbS8ifX0.xtjr82NOoz6Cget8zOhvlDYGN1eO9y8kKchioWQkKDQ; expires=Mon, 12 Sep 2022 20:05:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 36956271402eb0a934e7fe2acf545278
Strict-Transport-Security: max-age=0; includeSubdomains
lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 5c949fda31dad827adee517ccb1ea40c
d44fec9098cdda8ab2ae7de3d7533a8e0d5f5ffc
84ed58e5a2104af360972e38e7c7dbff0228b7d2ef17fb3ad74d0b0c4780dfb6
Analyzer Verdict Alert quad9 Sinkholed
GET /4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f33faa8c2ab586aa57890c44d9e6f83b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
reapinject.com/watch.877513110519.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 reapinject.com/watch.877513110519.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.877513110519.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://reapinject.com/watch.877513110519.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=dbff87d2ff538072ee41291585b2bb193347ec4c0d9fdcf867b1a13e0d44e8f5a1a03965dccf7fb7440515f22c565891859a554d33f4a99508d6dc1d5f26703a426a7b7cb6abd019bcc82969b9d57ebdf063c507&pst=1663013109&rmtc=t
Set-Cookie: u_pl=16429610; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; expires=Mon, 12 Sep 2022 20:05:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b5014ff7ebcdbcea83443d4b513545aa
Strict-Transport-Security: max-age=0; includeSubdomains
forgerylimit.com/watch.641546324693.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
173.233.137.44307 Temporary Redirect 0 B URL HTTP/1.1 forgerylimit.com/watch.641546324693.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.641546324693.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://forgerylimit.com/watch.641546324693.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=d44d79820ee60b9f9f1c651ace0ee37106d97894181b187d3ba33c1d01e5514c3156e86b8933a511f1ea336a1daadbc62b7fdad0e2d7ee56eceabc1903ec8912c3d9e9ea63c26737e76d1123fbca906a4751d111db23cdac082194dc9a81&pst=1663013109&rmtc=t
Set-Cookie: u_pl=16429602; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYwMiwiayI6IjI2NmEzNmNkNzNhZmYzNmE1MTYxYmViZTA5NzNkNWJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjozMiwicHQiOjQsInBrIjoiZXRwOHdjdWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2NlbWdhLmNvbS8ifX0.6y_kUR8S_WinywlQ4Tf1nGEIxVsWyxYXXw0XMOi2y2g; expires=Mon, 12 Sep 2022 20:05:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d1a99682b184851f540c018e9af44ed5
Strict-Transport-Security: max-age=0; includeSubdomains
graduatewonderentreaty.com/watch.1069369306970.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
173.233.137.44307 Temporary Redirect 0 B URL HTTP/1.1 graduatewonderentreaty.com/watch.1069369306970.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1069369306970.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://graduatewonderentreaty.com/watch.1069369306970.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=95aaa2cb596fe98cd185dbb5a95fbc4fce2589b1f2e58d9004fdc11b842b395b0dcc11a64344140d43de3be6a3b38221ee5ec1bdd247d244fb4dcd8012832e18adf0eb5a293022ff9a8649383f88d7ee74a3f73f06821a6859c26c26092777af667c2555&pst=1663013109&rmtc=t
Set-Cookie: u_pl=16429610; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; expires=Mon, 12 Sep 2022 20:05:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 587382e8faabc00e5a3b9055b18866fa
Strict-Transport-Security: max-age=0; includeSubdomains
lockfireshimself.com/watch.710955423134.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=a79572d6-e488-4ffa-af3d-329be5d67d1b%3A1%3A1&shu=0d4f4a4ec56dd417a9187bdfc618db8e4cca372adf47fb594b4742205d4c2642b0b97fc546034dbc376488b7d9ab4519d3b7006179de4d83058c158f71b43ad20b29f4c9f5ec2502063be5405ed31b7d0bd709132320c4b3c349e9f3d747ae0dd4491f&pst=1663013109&rmtc=t
173.233.137.36200 OK 2.1 kB URL HTTP/1.1 lockfireshimself.com/watch.710955423134.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=a79572d6-e488-4ffa-af3d-329be5d67d1b%3A1%3A1&shu=0d4f4a4ec56dd417a9187bdfc618db8e4cca372adf47fb594b4742205d4c2642b0b97fc546034dbc376488b7d9ab4519d3b7006179de4d83058c158f71b43ad20b29f4c9f5ec2502063be5405ed31b7d0bd709132320c4b3c349e9f3d747ae0dd4491f&pst=1663013109&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2628)
Hash 6ca69d02de9bc861fbb1758920de9908
d755895d1a7a4986ebd6008e9a163f8179b3da1c
7580c29adde8a8f13285637b8e6c2af9c11b80d2f6a4759cacd0eb38be958b6e
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.710955423134.js?key=9935cef1b3bb2b1a4bb4c4b36a250640&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=a79572d6-e488-4ffa-af3d-329be5d67d1b%3A1%3A1&shu=0d4f4a4ec56dd417a9187bdfc618db8e4cca372adf47fb594b4742205d4c2642b0b97fc546034dbc376488b7d9ab4519d3b7006179de4d83058c158f71b43ad20b29f4c9f5ec2502063be5405ed31b7d0bd709132320c4b3c349e9f3d747ae0dd4491f&pst=1663013109&rmtc=t HTTP/1.1
Host: lockfireshimself.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16430306; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQzMDMwNiwiayI6Ijk5MzVjZWYxYjNiYjJiMWE0YmI0YzRiMzZhMjUwNjQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyNywicHQiOjQsInBrIjoibTR2NXpobWYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2NlbWdhLmNvbS8ifX0.xtjr82NOoz6Cget8zOhvlDYGN1eO9y8kKchioWQkKDQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a79572d6-e488-4ffa-af3d-329be5d67d1b:1:1; expires=Mon, 19 Sep 2022 20:04:09 GMT; secure; SameSite=None
iprce5ccc7dc458cbfcbbbf63000535b14e5=3569807; expires=Tue, 13 Sep 2022 00:04:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be179cdca9039dec99218cd4654ca099
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 lightingstipulate.com/4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash 50d9fd211fab19018a76e769e6da0a3c
ca1d22f3e74142a0a722233428f93cbac43c988f
c091f379d65d884407ca971b4637b28d6d441863bbcc1551a3e8d3f9875e0263
Analyzer Verdict Alert quad9 Sinkholed
GET /4410ffd8c93e6372e161f4b0a12f2ccd/invoke.js HTTP/1.1
Host: lightingstipulate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 533f1e16af90028fc049a6c8e602805a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
reapinject.com/watch.877513110519.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=dbff87d2ff538072ee41291585b2bb193347ec4c0d9fdcf867b1a13e0d44e8f5a1a03965dccf7fb7440515f22c565891859a554d33f4a99508d6dc1d5f26703a426a7b7cb6abd019bcc82969b9d57ebdf063c507&pst=1663013109&rmtc=t
192.243.61.225200 OK 2.1 kB URL HTTP/1.1 reapinject.com/watch.877513110519.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=dbff87d2ff538072ee41291585b2bb193347ec4c0d9fdcf867b1a13e0d44e8f5a1a03965dccf7fb7440515f22c565891859a554d33f4a99508d6dc1d5f26703a426a7b7cb6abd019bcc82969b9d57ebdf063c507&pst=1663013109&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2580)
Hash bb925516d02f7d7ac4d0b27567340c0e
681e3f13b565cc655c563893ee9ec9854dc561f5
55d0eff873bde832199d21e8db7f4b9cb4aaaa28790d5d9c489e42f3d211deb8
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.877513110519.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=dbff87d2ff538072ee41291585b2bb193347ec4c0d9fdcf867b1a13e0d44e8f5a1a03965dccf7fb7440515f22c565891859a554d33f4a99508d6dc1d5f26703a426a7b7cb6abd019bcc82969b9d57ebdf063c507&pst=1663013109&rmtc=t HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16429610; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; expires=Mon, 19 Sep 2022 20:04:09 GMT; secure; SameSite=None
iprc9432d38294fe7ecb35904c6861b9fc19=3569806; expires=Tue, 13 Sep 2022 00:04:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5d1a2ca698c8f7b0e38f7fe5bfa1b1bd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
graduatewonderentreaty.com/watch.1069369306970.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=95aaa2cb596fe98cd185dbb5a95fbc4fce2589b1f2e58d9004fdc11b842b395b0dcc11a64344140d43de3be6a3b38221ee5ec1bdd247d244fb4dcd8012832e18adf0eb5a293022ff9a8649383f88d7ee74a3f73f06821a6859c26c26092777af667c2555&pst=1663013109&rmtc=t
173.233.137.44200 OK 2.1 kB URL HTTP/1.1 graduatewonderentreaty.com/watch.1069369306970.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=95aaa2cb596fe98cd185dbb5a95fbc4fce2589b1f2e58d9004fdc11b842b395b0dcc11a64344140d43de3be6a3b38221ee5ec1bdd247d244fb4dcd8012832e18adf0eb5a293022ff9a8649383f88d7ee74a3f73f06821a6859c26c26092777af667c2555&pst=1663013109&rmtc=t
IP 173.233.137.44:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2636)
Hash 18d7ba42cde196883dabe1d807ffc981
319dc8e68126cd57a352e6b41cc5c9154a111164
836615298505825605f17ea35c050145985345e658c3444b6712b00d8bbf562d
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1069369306970.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=95aaa2cb596fe98cd185dbb5a95fbc4fce2589b1f2e58d9004fdc11b842b395b0dcc11a64344140d43de3be6a3b38221ee5ec1bdd247d244fb4dcd8012832e18adf0eb5a293022ff9a8649383f88d7ee74a3f73f06821a6859c26c26092777af667c2555&pst=1663013109&rmtc=t HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16429610; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; expires=Mon, 19 Sep 2022 20:04:09 GMT; secure; SameSite=None
iprc9432d38294fe7ecb35904c6861b9fc19=3569806; expires=Tue, 13 Sep 2022 00:04:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7613f4470d271659fba07a66378e7402
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
forgerylimit.com/watch.641546324693.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=d44d79820ee60b9f9f1c651ace0ee37106d97894181b187d3ba33c1d01e5514c3156e86b8933a511f1ea336a1daadbc62b7fdad0e2d7ee56eceabc1903ec8912c3d9e9ea63c26737e76d1123fbca906a4751d111db23cdac082194dc9a81&pst=1663013109&rmtc=t
173.233.137.44200 OK 2.1 kB URL HTTP/1.1 forgerylimit.com/watch.641546324693.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=d44d79820ee60b9f9f1c651ace0ee37106d97894181b187d3ba33c1d01e5514c3156e86b8933a511f1ea336a1daadbc62b7fdad0e2d7ee56eceabc1903ec8912c3d9e9ea63c26737e76d1123fbca906a4751d111db23cdac082194dc9a81&pst=1663013109&rmtc=t
IP 173.233.137.44:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2617)
Hash 562e0a70addbf4c05f98100bee352b00
00a0b309ef989b060891b50b59a0569a336e0562
3b6b9322f708409df052ebe6e7a6d319f55d25d5607fa6a9cc99ee9f41f41c7d
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.641546324693.js?key=266a36cd73aff36a5161bebe0973d5be&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=d44d79820ee60b9f9f1c651ace0ee37106d97894181b187d3ba33c1d01e5514c3156e86b8933a511f1ea336a1daadbc62b7fdad0e2d7ee56eceabc1903ec8912c3d9e9ea63c26737e76d1123fbca906a4751d111db23cdac082194dc9a81&pst=1663013109&rmtc=t HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16429602; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYwMiwiayI6IjI2NmEzNmNkNzNhZmYzNmE1MTYxYmViZTA5NzNkNWJlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjozMiwicHQiOjQsInBrIjoiZXRwOHdjdWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2NlbWdhLmNvbS8ifX0.6y_kUR8S_WinywlQ4Tf1nGEIxVsWyxYXXw0XMOi2y2g
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; expires=Mon, 19 Sep 2022 20:04:09 GMT; secure; SameSite=None
iprcea8a32e01d85b51b3408d45755d475cf=3570421; expires=Tue, 13 Sep 2022 00:04:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b095b716565ad5e04e98b7df91c45f51
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 09ba627272befd0f5ff19db41767b0c4
e262f240ad6e9c4036a1469b5e1d8b9552806ec0
d5c2c3f9401d006b7e078d210c9760789889abd6d6fca60072e6c57f18c82fa6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5C2C3F9401D006B7E078D210C9760789889ABD6D6FCA60072E6C57F18C82FA6"
Last-Modified: Mon, 12 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17413
Expires: Tue, 13 Sep 2022 00:54:22 GMT
Date: Mon, 12 Sep 2022 20:04:09 GMT
Connection: keep-alive
lockfireshimself.com/watch.122724536212.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 lockfireshimself.com/watch.122724536212.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.122724536212.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1 HTTP/1.1
Host: lockfireshimself.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Cookie: u_pl=16430306; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQzMDMwNiwiayI6Ijk5MzVjZWYxYjNiYjJiMWE0YmI0YzRiMzZhMjUwNjQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyNywicHQiOjQsInBrIjoibTR2NXpobWYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2NlbWdhLmNvbS8ifX0.xtjr82NOoz6Cget8zOhvlDYGN1eO9y8kKchioWQkKDQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://lockfireshimself.com/watch.122724536212.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=0c5342ee29b1ce635d8ca8931ace9d66ef206b9975620de3ae05d10353641694c1b3e364041ae3ab15c45348195520598908caf0ccdd045584d8ecb0e0be968b79b9265290c948c358c0425552fea80c904a45a030617425ee9a6f6f2291e81fe4&pst=1663013109&rmtc=t
Set-Cookie: u_pl=16430306,16429610; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; expires=Mon, 12 Sep 2022 20:05:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 78ec5a2ecd08a7a4da2459594b8f9c62
Strict-Transport-Security: max-age=0; includeSubdomains
reapinject.com/watch.1379733139334.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 reapinject.com/watch.1379733139334.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1379733139334.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://reapinject.com/watch.1379733139334.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=08af36ede06be74d064551d86c3bad6ac606f605c1ff33426c0332343a4c91999a5bc0552fff0a36cda9561d5ea4a2a9c302fc77661e9ece0f9d4a770f7930269aa5a83a56991c7899b3cf17f6796e61c9b9f1&pst=1663013109&rmtc=t
Set-Cookie: u_pl=16429610; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; expires=Mon, 12 Sep 2022 20:05:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: da291e37e14645094a0430fe8c29ad81
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
45.133.44.10200 OK 67 kB URL HTTP/2 cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a98b4585db1c6db06d6857c73bb75fcb
02a896b08a79e873b2dd26200ee1f0665dc1c80a
fc08e863ffafe25aa63fe8b60c2d5135fc5f52caf0abae4da3f1a90e0f8ed96c
GET /cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:09 GMT
content-type: image/png
content-length: 67174
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:43 GMT
etag: "62e11c7f-10666"
expires: Wed, 14 Sep 2022 20:04:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
45.133.44.10200 OK 25 kB URL HTTP/2 cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, baseline, precision 8, 320x50, components 3\012- data
Hash d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:09 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Wed, 14 Sep 2022 20:04:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9e964b51358332e262bd8771a3cbeb92
24dd8b4200ae4512ec82f9a57a25dbb6f0e9432d
62aaddf84a2f5ff5c15659c948932f7cf8f976f893c98bc083c56b3ad6434b84
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 17:22:25 GMT
Expires: Sat, 17 Sep 2022 17:22:24 GMT
Etag: "24dd8b4200ae4512ec82f9a57a25dbb6f0e9432d"
Cache-Control: max-age=421694,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749b40288b180af6-OSL
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.10200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:09 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Wed, 14 Sep 2022 20:04:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
lockfireshimself.com/watch.122724536212.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=0c5342ee29b1ce635d8ca8931ace9d66ef206b9975620de3ae05d10353641694c1b3e364041ae3ab15c45348195520598908caf0ccdd045584d8ecb0e0be968b79b9265290c948c358c0425552fea80c904a45a030617425ee9a6f6f2291e81fe4&pst=1663013109&rmtc=t
173.233.137.36200 OK 2.4 kB URL HTTP/1.1 lockfireshimself.com/watch.122724536212.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=0c5342ee29b1ce635d8ca8931ace9d66ef206b9975620de3ae05d10353641694c1b3e364041ae3ab15c45348195520598908caf0ccdd045584d8ecb0e0be968b79b9265290c948c358c0425552fea80c904a45a030617425ee9a6f6f2291e81fe4&pst=1663013109&rmtc=t
IP 173.233.137.36:0
File type HTML document, ASCII text, with very long lines (2936)
Hash abecdf1ec2d5772c407a2d5b0c381cc6
e129852d8cb2b2c3208e3b6b7ad7aba31a6b7e2e
4235e9cbd67e5affb3bc5c8debc4b55e3f2cbd309be5465c55e8b398f05a9bf5
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.122724536212.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=0c5342ee29b1ce635d8ca8931ace9d66ef206b9975620de3ae05d10353641694c1b3e364041ae3ab15c45348195520598908caf0ccdd045584d8ecb0e0be968b79b9265290c948c358c0425552fea80c904a45a030617425ee9a6f6f2291e81fe4&pst=1663013109&rmtc=t HTTP/1.1
Host: lockfireshimself.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16430306,16429610; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; uid_id2=a79572d6-e488-4ffa-af3d-329be5d67d1b:1:1; iprce5ccc7dc458cbfcbbbf63000535b14e5=3569807; pdhtkv=true; uncs=1; pdhtkv27=true; uncs27=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; expires=Mon, 19 Sep 2022 20:04:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 36f02bf1ac00d805e69c8ec76915cb39
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/96/64/f2/9664f226fa61ddbdd7ebea02d8e43bbf/1627979045.png
45.133.44.10200 OK 150 kB URL HTTP/2 cdn.cloudimagesb.com/cti/96/64/f2/9664f226fa61ddbdd7ebea02d8e43bbf/1627979045.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 150 kB (149685 bytes)
Hash e7d35967d5b4bada68ebcfd8adf31493
e03ab93358befd526f05f2fa8197b98e07a50bea
6ba59bc77806df1b35b248a8f1315cf2fc0d8def3282e6d2f6246594e0608730
GET /cti/96/64/f2/9664f226fa61ddbdd7ebea02d8e43bbf/1627979045.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:09 GMT
content-type: image/png
content-length: 149685
server: nginx/1.17.6
last-modified: Tue, 03 Aug 2021 08:24:14 GMT
etag: "6108fd2e-248b5"
expires: Wed, 14 Sep 2022 20:04:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d65d55d5e1415578c614cadaf31a781d
277e3fe73f2f6ca4b6ec4fb7ab3d23f1865ed046
805dae20ed59ef252e6dc776314b83caf89a0a8ad44418887b9fb4d876be9d13
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "805DAE20ED59EF252E6DC776314B83CAF89A0A8AD44418887B9FB4D876BE9D13"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20625
Expires: Tue, 13 Sep 2022 01:47:54 GMT
Date: Mon, 12 Sep 2022 20:04:09 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9e964b51358332e262bd8771a3cbeb92
24dd8b4200ae4512ec82f9a57a25dbb6f0e9432d
62aaddf84a2f5ff5c15659c948932f7cf8f976f893c98bc083c56b3ad6434b84
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 17:22:25 GMT
Expires: Sat, 17 Sep 2022 17:22:24 GMT
Etag: "24dd8b4200ae4512ec82f9a57a25dbb6f0e9432d"
Cache-Control: max-age=421694,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749b4029ecc50af6-OSL
reapinject.com/watch.1379733139334.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=08af36ede06be74d064551d86c3bad6ac606f605c1ff33426c0332343a4c91999a5bc0552fff0a36cda9561d5ea4a2a9c302fc77661e9ece0f9d4a770f7930269aa5a83a56991c7899b3cf17f6796e61c9b9f1&pst=1663013109&rmtc=t
192.243.61.225200 OK 2.0 kB URL HTTP/1.1 reapinject.com/watch.1379733139334.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=08af36ede06be74d064551d86c3bad6ac606f605c1ff33426c0332343a4c91999a5bc0552fff0a36cda9561d5ea4a2a9c302fc77661e9ece0f9d4a770f7930269aa5a83a56991c7899b3cf17f6796e61c9b9f1&pst=1663013109&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2432)
Hash b5f48a3429c6c999e469fe12c67a0792
62144c68b44e2d4589fc4730a8d8e3dab745ac34
013970a9d6bad75fa66269e73365733425d917542a7b802f804dcd767126e83c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1379733139334.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=08af36ede06be74d064551d86c3bad6ac606f605c1ff33426c0332343a4c91999a5bc0552fff0a36cda9561d5ea4a2a9c302fc77661e9ece0f9d4a770f7930269aa5a83a56991c7899b3cf17f6796e61c9b9f1&pst=1663013109&rmtc=t HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16429610; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; iprc9432d38294fe7ecb35904c6861b9fc19=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; expires=Mon, 19 Sep 2022 20:04:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 13 Sep 2022 20:04:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1199fbaa050b7130934d64c0fdf41c4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 935cdbef39997d1e92de9bc9421f3463
d463b34ae7144298a6432cc52fcb52893336b892
ba3aaa69f8d66627b1cee0468f3e9f480af0b3113510cea2b7ea6b65d920ef02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA3AAA69F8D66627B1CEE0468F3E9F480AF0B3113510CEA2B7EA6B65D920EF02"
Last-Modified: Mon, 12 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19507
Expires: Tue, 13 Sep 2022 01:29:17 GMT
Date: Mon, 12 Sep 2022 20:04:10 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/fe/3b/00/fe3b00c58303840cb3ab664e9686952e/1627915911.png
45.133.44.10200 OK 136 kB URL HTTP/2 cdn.cloudimagesb.com/cti/fe/3b/00/fe3b00c58303840cb3ab664e9686952e/1627915911.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Size 136 kB (136090 bytes)
Hash 11675ef6f5c8559ec0ade47755155665
20df6be038de603b97f849e07460cd0600b34867
4d361374b3e2e4f8de896a1f1014d500ed0802bf028d2c7bbd606f9e87ba88a4
GET /cti/fe/3b/00/fe3b00c58303840cb3ab664e9686952e/1627915911.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:10 GMT
content-type: image/png
content-length: 136090
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 14:51:59 GMT
etag: "6108068f-2139a"
expires: Wed, 14 Sep 2022 20:04:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
obituaryfuneral.com/watch.615080537639.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 obituaryfuneral.com/watch.615080537639.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.615080537639.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1 HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 20:04:10 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Location: https://obituaryfuneral.com/watch.615080537639.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=d3053b72680e07e42db8d0edab01302483d9e5a72bf4875b57e1938441f3ed1e8219d6e0145b4d7011b48134bc4364bc8e37858dd70c69c51b0447b3cb2cb0aa1b917d633d2dc0b9aa077107d76540d79ed797b74dd4b786da79ae18c1bb64ed4a&pst=1663013110&rmtc=t
Set-Cookie: u_pl=16429610; expires=Tue, 13 Sep 2022 20:04:10 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0; expires=Mon, 12 Sep 2022 20:05:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 037db4f3242b2cc3a3e3e7345b3a8f40
Strict-Transport-Security: max-age=0; includeSubdomains
youradexchange.com/script/push.php?r=6021554&ipp=1&mads=2&position=top&czid=tzvkjx4zym&aggr=3&atag=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cbpage=https%3A%2F%2Fscemga.com%2F&cbref=
35.190.41.116204 No Content 39 kB URL HTTP/2 youradexchange.com/script/push.php?r=6021554&ipp=1&mads=2&position=top&czid=tzvkjx4zym&aggr=3&atag=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cbpage=https%3A%2F%2Fscemga.com%2F&cbref=
IP 35.190.41.116:0
Hash 2e3e073989c0c95adbd73e8c3b148775
6e3b8907c26ed65d1940c398eb3d0f9da2f27ad7
12896d2b2660ce9810e6ee0f3cb1b16fb4805ac61bb4a24610c1bda2cca277ae
GET /script/push.php?r=6021554&ipp=1&mads=2&position=top&czid=tzvkjx4zym&aggr=3&atag=1&ppv=1&ab_test=AdOpt_B_nocapping-2021-12-08v1&cbpage=https%3A%2F%2Fscemga.com%2F&cbref= HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: openresty
date: Mon, 12 Sep 2022 20:04:10 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
youradexchange.com/ad/czcf.php?cz=tzvkjx4zym
35.190.41.116200 OK 34 kB URL HTTP/2 youradexchange.com/ad/czcf.php?cz=tzvkjx4zym
IP 35.190.41.116:0
Hash 6fd50ad00f55f7b5b8ed7afdec1b9e65
9bb4f566ab07cc54c4387867a017541dd6b61d8a
578a2e8d7464fbbc448c580fab6e3b54664eb0517878f666b9448e45bf310ea6
GET /ad/czcf.php?cz=tzvkjx4zym HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 12 Sep 2022 20:04:09 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
obituaryfuneral.com/watch.615080537639.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=d3053b72680e07e42db8d0edab01302483d9e5a72bf4875b57e1938441f3ed1e8219d6e0145b4d7011b48134bc4364bc8e37858dd70c69c51b0447b3cb2cb0aa1b917d633d2dc0b9aa077107d76540d79ed797b74dd4b786da79ae18c1bb64ed4a&pst=1663013110&rmtc=t
173.233.137.36200 OK 2.3 kB URL HTTP/1.1 obituaryfuneral.com/watch.615080537639.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=d3053b72680e07e42db8d0edab01302483d9e5a72bf4875b57e1938441f3ed1e8219d6e0145b4d7011b48134bc4364bc8e37858dd70c69c51b0447b3cb2cb0aa1b917d633d2dc0b9aa077107d76540d79ed797b74dd4b786da79ae18c1bb64ed4a&pst=1663013110&rmtc=t
IP 173.233.137.36:0
File type HTML document, ASCII text, with very long lines (2917)
Hash bf2d84d3dd2e31de57f04c70df207807
42abbb654858d39881bb7ce92a7f58bbd25af78f
e4a65a0e3bd96588efb6ec93065ca0c666a81859c074da3223fd096c4b2f9abe
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.615080537639.js?key=4410ffd8c93e6372e161f4b0a12f2ccd&kw=%5B%22scemga%22%5D&refer=https%3A%2F%2Fscemga.com%2F&tz=0&dev=r&res=12.31&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&shu=d3053b72680e07e42db8d0edab01302483d9e5a72bf4875b57e1938441f3ed1e8219d6e0145b4d7011b48134bc4364bc8e37858dd70c69c51b0447b3cb2cb0aa1b917d633d2dc0b9aa077107d76540d79ed797b74dd4b786da79ae18c1bb64ed4a&pst=1663013110&rmtc=t HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Referer: https://scemga.com/
Connection: keep-alive
Cookie: u_pl=16429610; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQyOTYxMCwiayI6IjQ0MTBmZmQ4YzkzZTYzNzJlMTYxZjRiMGExMmYyY2NkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjA0Mzk1LCJwaWQiOjMzODk3MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqMTBlaGprcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zY2VtZ2EuY29tLyJ9fQ.9uehDUanOVklfpY1wzpKxn6HnAxwRF_H-v0BDTutXI0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 20:04:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; expires=Mon, 19 Sep 2022 20:04:10 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Sep 2022 20:04:10 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Sep 2022 20:04:10 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 13 Sep 2022 20:04:10 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 13 Sep 2022 20:04:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5e7e39907d9922e14104750fcbea059
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
region1.google-analytics.com/g/collect?v=2&tid=G-LR61DG565G>m=2oe970&_p=988587455&cid=1332081747.1663013037&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663013037&sct=1&seg=0&dl=https%3A%2F%2Fscemga.com%2F&dt=SCEMGA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LR61DG565G>m=2oe970&_p=988587455&cid=1332081747.1663013037&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663013037&sct=1&seg=0&dl=https%3A%2F%2Fscemga.com%2F&dt=SCEMGA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LR61DG565G>m=2oe970&_p=988587455&cid=1332081747.1663013037&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663013037&sct=1&seg=0&dl=https%3A%2F%2Fscemga.com%2F&dt=SCEMGA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://scemga.com
date: Mon, 12 Sep 2022 20:04:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
scemga.com/favicon.ico
162.0.232.190404 Not Found 1.2 kB IP 162.0.232.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: scemga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://scemga.com/
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1; _ga_LR61DG565G=GS1.1.1663013037.1.0.1663013037.0.0.0; _ga=GA1.1.1332081747.1663013037
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 12 Sep 2022 20:04:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
diminutioneconomy.com/ntv.json?key=79058c42da72db7016303f55ac74fc51&vstc=3&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
192.243.61.227200 OK 13 kB URL HTTP/1.1 diminutioneconomy.com/ntv.json?key=79058c42da72db7016303f55ac74fc51&vstc=3&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (13025), with no line terminators
Hash d28f55d8361e894f23c29a71e24cfdf4
4bfd62c0ccd943dc70d018b35b98b64e481a99df
f78164e0041f76388e312a096fe639b1957df359f2b16345b9ca32f0eb848a88
GET /ntv.json?key=79058c42da72db7016303f55ac74fc51&vstc=3&uuid=cfa4e371-e494-494c-ad0e-1d5196fcfcde%3A1%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://scemga.com
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:10 GMT
Content-Type: application/json
Content-Length: 13026
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://scemga.com
Access-Control-Allow-Origin: https://scemga.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16437760; expires=Tue, 13 Sep 2022 20:04:10 GMT; secure; SameSite=None
uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; expires=Mon, 19 Sep 2022 20:04:10 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Sep 2022 20:04:10 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Sep 2022 20:04:10 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 13 Sep 2022 20:04:10 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 13 Sep 2022 20:04:10 GMT; secure; SameSite=None
nlec79058c42da72db7016303f55ac74fc51=[3637745,2229215,2229214]; expires=Mon, 12 Sep 2022 20:04:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 474cab851a4657939dc2a903be9deb41
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
45.133.44.10200 OK 21 kB URL HTTP/2 cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919
GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:10 GMT
content-type: image/jpeg
content-length: 20566
server: nginx/1.17.6
last-modified: Thu, 01 Sep 2022 12:51:28 GMT
etag: "6310aad0-5056"
expires: Wed, 14 Sep 2022 20:04:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
45.133.44.10200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash c6f19781c79ff746b99178f813cfbff2
5c307e43c63001535aa3a3683777dbb1a7f0775b
816b5a5d078f27271fa2d7c210d708f386a6f9fbd9242531b07f0b051382870d
GET /cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:10 GMT
content-type: image/jpeg
content-length: 22883
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:15:16 GMT
etag: "611243a4-5963"
expires: Wed, 14 Sep 2022 20:04:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
45.133.44.10200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8
GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:10 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Wed, 14 Sep 2022 20:04:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzu7vh%2F8uSg4KhgwikmB2t7unp3vHHIJxXQmuSUwUPQhSXVU9W251V1PVPT1ZDyYGJDcHPOmp580m0biIXgWD9AZEFoTMbQ%2BuZ48i5uBJZlxc%2FaD7%2B169d3jfq%2FpoVO4TFyXdW3lNb0ql6FJn0W2deNvzTrfWZFYOWoPl8N0wON0y%2FRe64aJ7svWKYBt6yXc91%2FVcr7UqjUj0YGlKQubbXW%2Bx6y4G%2FqLXCTAw%2F8W2dGCpA97fJ09A8sn8PecoJGuQpV%2BvCLtR6PzUy2mpaKEN%2Bvz2m9lGpqsM6eGYGAdJdvtADW3vr96Fzm7O7EL3%2FxHGckKcH%2B4izm4fmETc35r5jBVEhpg%2FiqrfQKgGkjZg%2Bjokv08AxnH%2BArL01nltKnrlb5ZO2QmZf%2FA7ZDUh8z8fRZZ%2BdVbJQeuyVmUhdWYxSGrIQQPZa5CXOyg2j0BWO2DFh5D8J7L0YA1ZunXBKg3J955lCQ1EO%2FIWRNANFoJuwBYod8WCxzteN0xYwriYBSRlA5k0UGIIah2U0086KBMHZe4g5Xst5nle5HJG3eUuY20eiTjkrkejxKOeGy6jZNMdhijyIZgagpmryM21z3k7Eu2YBaMYG3IIU34Pu17D8v%2FDFhPivP4B%2BrxGJQgqS1BRgkoSVAVB1a9vcmV9W9%2Fiypaxd9D9g96ux7rojehNXfRERkb5Pnl8luOfE4INsdeKum5nmQU%2Bp5HP48j1wrbbTjodyqIgYR0PVtaQ9shs6005IU%2B%2B%2FzxyOSH%2FO3UMMd2BVTtg8jho6YFW48h3QdfHwbKLzeyOZSLt0UWmU3BdIy%2FmUVxxRmqfPDVzEV37DYLtntk%2B8Ufz8TsnwUyN3NR4T94j6Kkb40u6IluXdGXJNxfyQqZyk05v%2BnJBCzF351VxpdKGn1uxwy9eZFNiOm6%2FIWyxRjMus54lX56VnAuzqg0T5Ltz9i0RXyzt%2BtnSZGW%2BdvGl1XNpboS1UmcNqLz%2FWAMmJ%2BTh3ZXZEz62ug5pGpiyRlrukoOC1Dtg%2BVXYfPfMnae3H%2FKe%2BxVWz8GoQ02cO6jKemz8%2BPBQSQIlDjGNa9h%2F4fhwHtkb6BkftLiOLK3RNzX6qgZVQ9jykXGRm90zP346rc8Qq7lxrMzcVqyM%2BmQW7YQ8M%2FfL9LcPK%2FdaUbvt0rDb8aKIiigO%2FOUk9DilfhD6YUjbKOyEHR9%2B%2BxcAAAD%2F%2FwEAAP%2F%2FlXOTI5cEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzu7vh%2F8uSg4KhgwikmB2t7unp3vHHIJxXQmuSUwUPQhSXVU9W251V1PVPT1ZDyYGJDcHPOmp580m0biIXgWD9AZEFoTMbQ%2BuZ48i5uBJZlxc%2FaD7%2B169d3jfq%2FpoVO4TFyXdW3lNb0ql6FJn0W2deNvzTrfWZFYOWoPl8N0wON0y%2FRe64aJ7svWKYBt6yXc91%2FVcr7UqjUj0YGlKQubbXW%2Bx6y4G%2FqLXCTAw%2F8W2dGCpA97fJ09A8sn8PecoJGuQpV%2BvCLtR6PzUy2mpaKEN%2Bvz2m9lGpqsM6eGYGAdJdvtADW3vr96Fzm7O7EL3%2FxHGckKcH%2B4izm4fmETc35r5jBVEhpg%2FiqrfQKgGkjZg%2Bjokv08AxnH%2BArL01nltKnrlb5ZO2QmZf%2FA7ZDUh8z8fRZZ%2BdVbJQeuyVmUhdWYxSGrIQQPZa5CXOyg2j0BWO2DFh5D8J7L0YA1ZunXBKg3J955lCQ1EO%2FIWRNANFoJuwBYod8WCxzteN0xYwriYBSRlA5k0UGIIah2U0086KBMHZe4g5Xst5nle5HJG3eUuY20eiTjkrkejxKOeGy6jZNMdhijyIZgagpmryM21z3k7Eu2YBaMYG3IIU34Pu17D8v%2FDFhPivP4B%2BrxGJQgqS1BRgkoSVAVB1a9vcmV9W9%2Fiypaxd9D9g96ux7rojehNXfRERkb5Pnl8luOfE4INsdeKum5nmQU%2Bp5HP48j1wrbbTjodyqIgYR0PVtaQ9shs6005IU%2B%2B%2FzxyOSH%2FO3UMMd2BVTtg8jho6YFW48h3QdfHwbKLzeyOZSLt0UWmU3BdIy%2FmUVxxRmqfPDVzEV37DYLtntk%2B8Ufz8TsnwUyN3NR4T94j6Kkb40u6IluXdGXJNxfyQqZyk05v%2BnJBCzF351VxpdKGn1uxwy9eZFNiOm6%2FIWyxRjMus54lX56VnAuzqg0T5Ltz9i0RXyzt%2BtnSZGW%2BdvGl1XNpboS1UmcNqLz%2FWAMmJ%2BTh3ZXZEz62ug5pGpiyRlrukoOC1Dtg%2BVXYfPfMnae3H%2FKe%2BxVWz8GoQ02cO6jKemz8%2BPBQSQIlDjGNa9h%2F4fhwHtkb6BkftLiOLK3RNzX6qgZVQ9jykXGRm90zP346rc8Qq7lxrMzcVqyM%2BmQW7YQ8M%2FfL9LcPK%2FdaUbvt0rDb8aKIiigO%2FOUk9DilfhD6YUjbKOyEHR9%2B%2BxcAAAD%2F%2FwEAAP%2F%2FlXOTI5cEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzu7vh%2F8uSg4KhgwikmB2t7unp3vHHIJxXQmuSUwUPQhSXVU9W251V1PVPT1ZDyYGJDcHPOmp580m0biIXgWD9AZEFoTMbQ%2BuZ48i5uBJZlxc%2FaD7%2B169d3jfq%2FpoVO4TFyXdW3lNb0ql6FJn0W2deNvzTrfWZFYOWoPl8N0wON0y%2FRe64aJ7svWKYBt6yXc91%2FVcr7UqjUj0YGlKQubbXW%2Bx6y4G%2FqLXCTAw%2F8W2dGCpA97fJ09A8sn8PecoJGuQpV%2BvCLtR6PzUy2mpaKEN%2Bvz2m9lGpqsM6eGYGAdJdvtADW3vr96Fzm7O7EL3%2FxHGckKcH%2B4izm4fmETc35r5jBVEhpg%2FiqrfQKgGkjZg%2Bjokv08AxnH%2BArL01nltKnrlb5ZO2QmZf%2FA7ZDUh8z8fRZZ%2BdVbJQeuyVmUhdWYxSGrIQQPZa5CXOyg2j0BWO2DFh5D8J7L0YA1ZunXBKg3J955lCQ1EO%2FIWRNANFoJuwBYod8WCxzteN0xYwriYBSRlA5k0UGIIah2U0086KBMHZe4g5Xst5nle5HJG3eUuY20eiTjkrkejxKOeGy6jZNMdhijyIZgagpmryM21z3k7Eu2YBaMYG3IIU34Pu17D8v%2FDFhPivP4B%2BrxGJQgqS1BRgkoSVAVB1a9vcmV9W9%2Fiypaxd9D9g96ux7rojehNXfRERkb5Pnl8luOfE4INsdeKum5nmQU%2Bp5HP48j1wrbbTjodyqIgYR0PVtaQ9shs6005IU%2B%2B%2FzxyOSH%2FO3UMMd2BVTtg8jho6YFW48h3QdfHwbKLzeyOZSLt0UWmU3BdIy%2FmUVxxRmqfPDVzEV37DYLtntk%2B8Ufz8TsnwUyN3NR4T94j6Kkb40u6IluXdGXJNxfyQqZyk05v%2BnJBCzF351VxpdKGn1uxwy9eZFNiOm6%2FIWyxRjMus54lX56VnAuzqg0T5Ltz9i0RXyzt%2BtnSZGW%2BdvGl1XNpboS1UmcNqLz%2FWAMmJ%2BTh3ZXZEz62ug5pGpiyRlrukoOC1Dtg%2BVXYfPfMnae3H%2FKe%2BxVWz8GoQ02cO6jKemz8%2BPBQSQIlDjGNa9h%2F4fhwHtkb6BkftLiOLK3RNzX6qgZVQ9jykXGRm90zP346rc8Qq7lxrMzcVqyM%2BmQW7YQ8M%2FfL9LcPK%2FdaUbvt0rDb8aKIiigO%2FOUk9DilfhD6YUjbKOyEHR9%2B%2BxcAAAD%2F%2FwEAAP%2F%2FlXOTI5cEAAA%3D HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Cookie: u_pl=16437760; uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec79058c42da72db7016303f55ac74fc51=[3637745,2229215,2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bdd1fb2ee96e55bd573d136630556863
Strict-Transport-Security: max-age=0; includeSubdomains
diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRutye7%2FI3pRyUFBySAiitnZ7p6e7hlzCMa4ElyzMVH0JtVV1ZNyq7uaqu7pyXowMaA5DnjSU8%2Bb3ayui%2BhVcJHZgMiisHPbg%2BvZowhBPMmMi6MfdH%2Ffq%2FcO73tVHw6LY%2BKgoEcXX9MbUim63Go49Wffdt1z9VWZFv16vx28E%2Fjn6qb3QidoOM%2FVXxFsXS97jus4ruPWV6QRse4vT0nIbLfjNjpOw%2FcabstH3%2FwX26IGS2vgvWPyKCSfLN6rnYZkY6TJVxeFXc91dvblpFA01wY9vv1mup7qMkUyH2NTQ5xun6ih7eHKHnS6NbML3ftHGMkJqX2%2FhyjdPjGJqLc58xkpiBQRfwhlbwyhxpB0DKZvQ%2FJDAjCOy2tIk7uXtSnpjb9ZOmUnZPH%2B75DlhCz%2BfBpp8uUFJfv1a1oVudSpRT%2BuIPtjyO4YWbGPfOMUZLkPln8AyX8iy%2FdXkSaba1ZpSH70NIupL5qhuyT8jr%2Fkd3y2RLkjllzecjtBzGLGxSwgKceQ8RhKDEBtDcX0kzUUcQ1FVkPCj%2BrMdd3Q4Yw67Q5jTR6KKOCOS8PYpa4TtFGw6Q4D5NkATA3AzE1k5tZnvBmKZsT8YYR1OYApvoO9XsHy%2F8PmE1J7%2FX30eIVSEJSWoKQEpSQoc4KyV21xZT1b3eXKFpF70r2T3qxGOu8O6ZbOuyIlw%2ByYPDLL8c8Jwbo4qocdp9Vmvsdp6PEodNyg6TTjVouy0I9Zy4WVFaQ9Ndt6Q07IY%2B89j0xOyP%2FOPomI7sOqfTB5BrRwQctR6Dmg10d%2B28FGumOZSLq0wXQCritk%2BSLyG7WhOiaPz1w8tfALBDs4v%2FPE7gPuM7%2BCmQqZqfCuvEfQVXdGV3VJNq%2Fq0pKv17JcJnKDTm%2F6Wk5zsbDzqrhRasMvXbSDz19kU2I67r4hbL5KUy7TriVfXJCcC7OiDRPk20v2LRFdKez1C4VJi2z1yksrl5LMCGulTseg8nDtDzA5IYu39mZP%2BOEfP4I0Y5iiQlIckJOC1Ptg2U3YbO7e6gUYNddE2SmURTUyXjQ%2FVJJAiTmmUQX7LxzN56G9g67xQPPbSJMKPVOhpypQNYAtHhzlmTk4%2F8Mn0%2FoUkVoYRcosbEbKqI8nJLz12yzf6e8YVh7Vw2bToUGn5YYhFWHke%2B04cDmlnh94QUCbyO2EnRl88xcAAAD%2F%2FwEAAP%2F%2FjeVmEZcEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRutye7%2FI3pRyUFBySAiitnZ7p6e7hlzCMa4ElyzMVH0JtVV1ZNyq7uaqu7pyXowMaA5DnjSU8%2Bb3ayui%2BhVcJHZgMiisHPbg%2BvZowhBPMmMi6MfdH%2Ffq%2FcO73tVHw6LY%2BKgoEcXX9MbUim63Go49Wffdt1z9VWZFv16vx28E%2Fjn6qb3QidoOM%2FVXxFsXS97jus4ruPWV6QRse4vT0nIbLfjNjpOw%2FcabstH3%2FwX26IGS2vgvWPyKCSfLN6rnYZkY6TJVxeFXc91dvblpFA01wY9vv1mup7qMkUyH2NTQ5xun6ih7eHKHnS6NbML3ftHGMkJqX2%2FhyjdPjGJqLc58xkpiBQRfwhlbwyhxpB0DKZvQ%2FJDAjCOy2tIk7uXtSnpjb9ZOmUnZPH%2B75DlhCz%2BfBpp8uUFJfv1a1oVudSpRT%2BuIPtjyO4YWbGPfOMUZLkPln8AyX8iy%2FdXkSaba1ZpSH70NIupL5qhuyT8jr%2Fkd3y2RLkjllzecjtBzGLGxSwgKceQ8RhKDEBtDcX0kzUUcQ1FVkPCj%2BrMdd3Q4Yw67Q5jTR6KKOCOS8PYpa4TtFGw6Q4D5NkATA3AzE1k5tZnvBmKZsT8YYR1OYApvoO9XsHy%2F8PmE1J7%2FX30eIVSEJSWoKQEpSQoc4KyV21xZT1b3eXKFpF70r2T3qxGOu8O6ZbOuyIlw%2ByYPDLL8c8Jwbo4qocdp9Vmvsdp6PEodNyg6TTjVouy0I9Zy4WVFaQ9Ndt6Q07IY%2B89j0xOyP%2FOPomI7sOqfTB5BrRwQctR6Dmg10d%2B28FGumOZSLq0wXQCritk%2BSLyG7WhOiaPz1w8tfALBDs4v%2FPE7gPuM7%2BCmQqZqfCuvEfQVXdGV3VJNq%2Fq0pKv17JcJnKDTm%2F6Wk5zsbDzqrhRasMvXbSDz19kU2I67r4hbL5KUy7TriVfXJCcC7OiDRPk20v2LRFdKez1C4VJi2z1yksrl5LMCGulTseg8nDtDzA5IYu39mZP%2BOEfP4I0Y5iiQlIckJOC1Ptg2U3YbO7e6gUYNddE2SmURTUyXjQ%2FVJJAiTmmUQX7LxzN56G9g67xQPPbSJMKPVOhpypQNYAtHhzlmTk4%2F8Mn0%2FoUkVoYRcosbEbKqI8nJLz12yzf6e8YVh7Vw2bToUGn5YYhFWHke%2B04cDmlnh94QUCbyO2EnRl88xcAAAD%2F%2FwEAAP%2F%2FjeVmEZcEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRutye7%2FI3pRyUFBySAiitnZ7p6e7hlzCMa4ElyzMVH0JtVV1ZNyq7uaqu7pyXowMaA5DnjSU8%2Bb3ayui%2BhVcJHZgMiisHPbg%2BvZowhBPMmMi6MfdH%2Ffq%2FcO73tVHw6LY%2BKgoEcXX9MbUim63Go49Wffdt1z9VWZFv16vx28E%2Fjn6qb3QidoOM%2FVXxFsXS97jus4ruPWV6QRse4vT0nIbLfjNjpOw%2FcabstH3%2FwX26IGS2vgvWPyKCSfLN6rnYZkY6TJVxeFXc91dvblpFA01wY9vv1mup7qMkUyH2NTQ5xun6ih7eHKHnS6NbML3ftHGMkJqX2%2FhyjdPjGJqLc58xkpiBQRfwhlbwyhxpB0DKZvQ%2FJDAjCOy2tIk7uXtSnpjb9ZOmUnZPH%2B75DlhCz%2BfBpp8uUFJfv1a1oVudSpRT%2BuIPtjyO4YWbGPfOMUZLkPln8AyX8iy%2FdXkSaba1ZpSH70NIupL5qhuyT8jr%2Fkd3y2RLkjllzecjtBzGLGxSwgKceQ8RhKDEBtDcX0kzUUcQ1FVkPCj%2BrMdd3Q4Yw67Q5jTR6KKOCOS8PYpa4TtFGw6Q4D5NkATA3AzE1k5tZnvBmKZsT8YYR1OYApvoO9XsHy%2F8PmE1J7%2FX30eIVSEJSWoKQEpSQoc4KyV21xZT1b3eXKFpF70r2T3qxGOu8O6ZbOuyIlw%2ByYPDLL8c8Jwbo4qocdp9Vmvsdp6PEodNyg6TTjVouy0I9Zy4WVFaQ9Ndt6Q07IY%2B89j0xOyP%2FOPomI7sOqfTB5BrRwQctR6Dmg10d%2B28FGumOZSLq0wXQCritk%2BSLyG7WhOiaPz1w8tfALBDs4v%2FPE7gPuM7%2BCmQqZqfCuvEfQVXdGV3VJNq%2Fq0pKv17JcJnKDTm%2F6Wk5zsbDzqrhRasMvXbSDz19kU2I67r4hbL5KUy7TriVfXJCcC7OiDRPk20v2LRFdKez1C4VJi2z1yksrl5LMCGulTseg8nDtDzA5IYu39mZP%2BOEfP4I0Y5iiQlIckJOC1Ptg2U3YbO7e6gUYNddE2SmURTUyXjQ%2FVJJAiTmmUQX7LxzN56G9g67xQPPbSJMKPVOhpypQNYAtHhzlmTk4%2F8Mn0%2FoUkVoYRcosbEbKqI8nJLz12yzf6e8YVh7Vw2bToUGn5YYhFWHke%2B04cDmlnh94QUCbyO2EnRl88xcAAAD%2F%2FwEAAP%2F%2FjeVmEZcEAAA%3D HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Cookie: u_pl=16437760; uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec79058c42da72db7016303f55ac74fc51=[3637745,2229215,2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 604c6ceba86a78ad98c1de5f5c271dc6
Strict-Transport-Security: max-age=0; includeSubdomains
diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStyawielHJQUHJICKK2dnunp7uGXMIxrgSXLMxUfQm1VXVk3Kru5qq7unJejAxEHIc8KSnnjebROMiehVcZDYgsijs3PbgevYoQhBPMpPF0Q%2FF%2F6%2FeO7z%2Fqm6MikPioKAHZ9%2FSm1IputJuOo0X33fdU401mRaDxqATfBD4pxqm%2F0o3aDovNd4QbEOveI7rOK7jNlalEbEerMxIyGy76za7TtP3mm7bx8D8H9uiBktr4P1D8iQkny7dqx2HZBOkyTdnhd3IdXby9aRQNNcGfX7n3XQj1WWKZDHGpoY4vXOkhrb7qzvQ6a25Xej%2Bv8JITkntxx1E6Z0jk4j6W3OfkYJIEfHHUPYnEGoCSSdg%2Bjok3ycA4zi%2FjjS5fV6bkl55wNIZOyVL9%2F%2BELKdk6dfjSJOvzyg5aFzSqsilTi0GcQU5mED2JsiKXeSbxyDLXbD8E0j%2BC1m5v4Y02Vq3SkPyg%2BdZTH3RCt1l4Xf9Zb%2Frs2XKHbHs8rbbDWIWMy7mAUk5gYwnUGIIamsoZkfWUMQ1FFkNCT9oMNd1Q4cz6nS6jLV4KKKAOy4NY5e6TtBBwWY7DJFnQzA1BDNXkZlrX%2FBWKFoR80cRNuQQpvgB9nIFyx%2BGzaek9vbH6PMKpSAoLUFJCUpJUOYEZb%2B6xZX1bHWbK1tE7lH3jnqrGuu8N6K3dN4TKRllh%2BSJeY5%2FTwk2xEEj7DrtDvM9TkOPR6HjBi2nFbfblIV%2BzNourKwg7bH51ptySp766GVkckoeOvksIroLq3bB5AnQwgUtx6HngF4e%2Bx0Hm%2Bldy0TSo02mE3BdIcuXkF%2BpjdQheXru4rn6IQTbO333me1H3Bd%2BBzMVMlPhQ3mPoKduji%2Fqkmxd1KUl365nuUzkJp299KWc5qJ%2B901xpdSGnztrh1%2B%2BymbEbNx%2BR9h8jaZcpj1LvjojORdmVRsmyPfn7HsiulDYy2cKkxbZ2oXXVs8lmRHWSp1OQOX%2B%2Bl9gckqWru3Mv%2FDjP9%2BANBOYokJS7JGjgtS7YNlV2Gzh3uo6jFpooqyOsqjGxosWl0oSKLHANKpg%2F4OjxTyyN9EzHmh%2BHWlSoW8q9FUFqoawxaPjPDN7p3%2F6bFafI1L1caRMfStSRn06JeG1P2b5%2FvYgZCsPGmGr5dCg23bDkIow8r1OHLicUs8PvCCgLeR2yk4Mv%2FsHAAD%2F%2FwEAAP%2F%2Fn92AapcEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStyawielHJQUHJICKK2dnunp7uGXMIxrgSXLMxUfQm1VXVk3Kru5qq7unJejAxEHIc8KSnnjebROMiehVcZDYgsijs3PbgevYoQhBPMpPF0Q%2FF%2F6%2FeO7z%2Fqm6MikPioKAHZ9%2FSm1IputJuOo0X33fdU401mRaDxqATfBD4pxqm%2F0o3aDovNd4QbEOveI7rOK7jNlalEbEerMxIyGy76za7TtP3mm7bx8D8H9uiBktr4P1D8iQkny7dqx2HZBOkyTdnhd3IdXby9aRQNNcGfX7n3XQj1WWKZDHGpoY4vXOkhrb7qzvQ6a25Xej%2Bv8JITkntxx1E6Z0jk4j6W3OfkYJIEfHHUPYnEGoCSSdg%2Bjok3ycA4zi%2FjjS5fV6bkl55wNIZOyVL9%2F%2BELKdk6dfjSJOvzyg5aFzSqsilTi0GcQU5mED2JsiKXeSbxyDLXbD8E0j%2BC1m5v4Y02Vq3SkPyg%2BdZTH3RCt1l4Xf9Zb%2Frs2XKHbHs8rbbDWIWMy7mAUk5gYwnUGIIamsoZkfWUMQ1FFkNCT9oMNd1Q4cz6nS6jLV4KKKAOy4NY5e6TtBBwWY7DJFnQzA1BDNXkZlrX%2FBWKFoR80cRNuQQpvgB9nIFyx%2BGzaek9vbH6PMKpSAoLUFJCUpJUOYEZb%2B6xZX1bHWbK1tE7lH3jnqrGuu8N6K3dN4TKRllh%2BSJeY5%2FTwk2xEEj7DrtDvM9TkOPR6HjBi2nFbfblIV%2BzNourKwg7bH51ptySp766GVkckoeOvksIroLq3bB5AnQwgUtx6HngF4e%2Bx0Hm%2Bldy0TSo02mE3BdIcuXkF%2BpjdQheXru4rn6IQTbO333me1H3Bd%2BBzMVMlPhQ3mPoKduji%2Fqkmxd1KUl365nuUzkJp299KWc5qJ%2B901xpdSGnztrh1%2B%2BymbEbNx%2BR9h8jaZcpj1LvjojORdmVRsmyPfn7HsiulDYy2cKkxbZ2oXXVs8lmRHWSp1OQOX%2B%2Bl9gckqWru3Mv%2FDjP9%2BANBOYokJS7JGjgtS7YNlV2Gzh3uo6jFpooqyOsqjGxosWl0oSKLHANKpg%2F4OjxTyyN9EzHmh%2BHWlSoW8q9FUFqoawxaPjPDN7p3%2F6bFafI1L1caRMfStSRn06JeG1P2b5%2FvYgZCsPGmGr5dCg23bDkIow8r1OHLicUs8PvCCgLeR2yk4Mv%2FsHAAD%2F%2FwEAAP%2F%2Fn92AapcEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStyawielHJQUHJICKK2dnunp7uGXMIxrgSXLMxUfQm1VXVk3Kru5qq7unJejAxEHIc8KSnnjebROMiehVcZDYgsijs3PbgevYoQhBPMpPF0Q%2FF%2F6%2FeO7z%2Fqm6MikPioKAHZ9%2FSm1IputJuOo0X33fdU401mRaDxqATfBD4pxqm%2F0o3aDovNd4QbEOveI7rOK7jNlalEbEerMxIyGy76za7TtP3mm7bx8D8H9uiBktr4P1D8iQkny7dqx2HZBOkyTdnhd3IdXby9aRQNNcGfX7n3XQj1WWKZDHGpoY4vXOkhrb7qzvQ6a25Xej%2Bv8JITkntxx1E6Z0jk4j6W3OfkYJIEfHHUPYnEGoCSSdg%2Bjok3ycA4zi%2FjjS5fV6bkl55wNIZOyVL9%2F%2BELKdk6dfjSJOvzyg5aFzSqsilTi0GcQU5mED2JsiKXeSbxyDLXbD8E0j%2BC1m5v4Y02Vq3SkPyg%2BdZTH3RCt1l4Xf9Zb%2Frs2XKHbHs8rbbDWIWMy7mAUk5gYwnUGIIamsoZkfWUMQ1FFkNCT9oMNd1Q4cz6nS6jLV4KKKAOy4NY5e6TtBBwWY7DJFnQzA1BDNXkZlrX%2FBWKFoR80cRNuQQpvgB9nIFyx%2BGzaek9vbH6PMKpSAoLUFJCUpJUOYEZb%2B6xZX1bHWbK1tE7lH3jnqrGuu8N6K3dN4TKRllh%2BSJeY5%2FTwk2xEEj7DrtDvM9TkOPR6HjBi2nFbfblIV%2BzNourKwg7bH51ptySp766GVkckoeOvksIroLq3bB5AnQwgUtx6HngF4e%2Bx0Hm%2Bldy0TSo02mE3BdIcuXkF%2BpjdQheXru4rn6IQTbO333me1H3Bd%2BBzMVMlPhQ3mPoKduji%2Fqkmxd1KUl365nuUzkJp299KWc5qJ%2B901xpdSGnztrh1%2B%2BymbEbNx%2BR9h8jaZcpj1LvjojORdmVRsmyPfn7HsiulDYy2cKkxbZ2oXXVs8lmRHWSp1OQOX%2B%2Bl9gckqWru3Mv%2FDjP9%2BANBOYokJS7JGjgtS7YNlV2Gzh3uo6jFpooqyOsqjGxosWl0oSKLHANKpg%2F4OjxTyyN9EzHmh%2BHWlSoW8q9FUFqoawxaPjPDN7p3%2F6bFafI1L1caRMfStSRn06JeG1P2b5%2FvYgZCsPGmGr5dCg23bDkIow8r1OHLicUs8PvCCgLeR2yk4Mv%2FsHAAD%2F%2FwEAAP%2F%2Fn92AapcEAAA%3D HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Cookie: u_pl=16437760; uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec79058c42da72db7016303f55ac74fc51=[3637745,2229215,2229214]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d7fd4786558fb4b033987025dd19050d
Strict-Transport-Security: max-age=0; includeSubdomains
diminutioneconomy.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
192.243.61.227200 OK 29 kB URL HTTP/1.1 diminutioneconomy.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash c7eab4a38c842e27b3b522a43611fa00
785bd3a3cb90df6f3c7c1dc83d451c947c0b58ff
0fcd98527df29545fcbf1d1ca8a237db6b8acbc34b4d1689197b4d8cc1fff43b
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Cookie: u_pl=16437760; uid_id2=cfa4e371-e494-494c-ad0e-1d5196fcfcde:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec79058c42da72db7016303f55ac74fc51=[3637745,2229215,2229214]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1b1ab3028f0419499ff700ef7ceb00cf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b32a5e9b733c4d6d00fa0ae101956367
a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997
6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19146
Expires: Tue, 13 Sep 2022 01:23:17 GMT
Date: Mon, 12 Sep 2022 20:04:11 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b32a5e9b733c4d6d00fa0ae101956367
a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997
6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19146
Expires: Tue, 13 Sep 2022 01:23:17 GMT
Date: Mon, 12 Sep 2022 20:04:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 992a1ffc097e77b6d26183db2fe6c614
b0bb0b755aeb8c5903429bf206e74c727ebca792
879e7f8481df8c88576bc8a0319cc430d69433b25021c88481ed1086122c2448
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "879E7F8481DF8C88576BC8A0319CC430D69433B25021C88481ED1086122C2448"
Last-Modified: Mon, 12 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3032
Expires: Mon, 12 Sep 2022 20:54:43 GMT
Date: Mon, 12 Sep 2022 20:04:11 GMT
Connection: keep-alive
skipdearbeautify.com/pixel/purst?dl=0&th=0&sc=0&rs=5755&rd=5755&fd=442&bv=22.8.v.2&tmpl=136
173.233.139.164200 OK 0 B URL HTTP/1.1 skipdearbeautify.com/pixel/purst?dl=0&th=0&sc=0&rs=5755&rd=5755&fd=442&bv=22.8.v.2&tmpl=136
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=5755&rd=5755&fd=442&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: skipdearbeautify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 20:04:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 503237177a3d86d83f4c970effc37833
e2c733d5fe37ec941521578d5bdcf0bcad00d7e5
16380371ae5fc51ca985271a1fccdcd8e203b4af6134e8ffbe4e957a04180764
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16380371AE5FC51CA985271A1FCCDCD8E203B4AF6134E8FFBE4E957A04180764"
Last-Modified: Sun, 11 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20156
Expires: Tue, 13 Sep 2022 01:40:07 GMT
Date: Mon, 12 Sep 2022 20:04:11 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
192.243.61.225200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 20:04:11 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d58877c706cc552bf0828fbb9496962d
Strict-Transport-Security: max-age=0; includeSubdomains
addresseepaper.com/sfp.js
104.21.235.2200 OK 23 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.235.2:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 22d0be38cff37c2a380b8d37351ac495
92d8c874ea32e8a72d42338358e8ee973c4da1f0
e9f42bbe705429c897274d46011313905f41a829c154581a9b2185441662dbd3
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:11 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7699ada527ef624aaee575629189ae2d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 12 Sep 2022 20:04:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78fQIIujfoiTrCKhn75%2BdBZ6N%2FDdaT4pvcbs2cgurATra%2B7nM86gSvHDfKx8il%2B5EgzTG%2FsttinCiA%2FwlqaT7PRN1Y60wDxmjSs9EDuz2mTMi%2BQ8QPm8UOGd9JezpOEMmmn6FsY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b4031580a71cc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
acdcdn.com/script/atg.js
104.21.6.66200 OK 0 B IP 104.21.6.66:0
GET /script/atg.js HTTP/1.1
Host: acdcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:06 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsYeMqd1h5xQQ8mpDKYtDFSfEcoFRndqO0Lhz4JeNqWUKIBGJyxBwgvyViDBSmCnx5pT9AlBOBILkVPdquixeyLvaL45rUd
x-goog-generation: 1662291096576502
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 97006
x-goog-hash: crc32c=cP6rPg==, md5=cHzYdZFLhO0KtH/SFwBqJw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Mon, 12 Sep 2022 19:49:52 GMT
cache-control: public, max-age=14400
age: 3269
last-modified: Sun, 04 Sep 2022 11:31:36 GMT
etag: W/"707cd875914b84ed0ab47fd217006a27"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgfvRLPNPim78kbt4XqjgE0YKp7ozqZFbLCP6IP03rPHGnoDU3tYUXvmM%2FbIJS4WyZ3vcgZkpVR5%2Fi5JwFgi4hPHYgX1BvXHQOnKOo2u2Mbu2bPu79x1o0IhmHmZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b40156937b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
asacdn.com/script/atg.js
172.67.201.216200 OK 0 B IP 172.67.201.216:0
GET /script/atg.js HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:06 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsYeMqd1h5xQQ8mpDKYtDFSfEcoFRndqO0Lhz4JeNqWUKIBGJyxBwgvyViDBSmCnx5pT9AlBOBILkVPdquixeyLvaL45rUd
x-goog-generation: 1662291096576502
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 97006
x-goog-hash: crc32c=cP6rPg==, md5=cHzYdZFLhO0KtH/SFwBqJw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Mon, 12 Sep 2022 19:49:52 GMT
cache-control: public, max-age=14400
age: 3295
last-modified: Sun, 04 Sep 2022 11:31:36 GMT
etag: W/"707cd875914b84ed0ab47fd217006a27"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WaBFW0yUKBiSjX2l09cWvQtmxyftAjz%2FnZq5kod2pCp0wwt3UL5hXDbSUN2k%2BFrL8pi0rVZm3xBpASSFnDoIfWX0b5Sm7tvQIIN6IfqtaogMl5iu0eCgnx5d3Ui"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b40155d430b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ashcdn.com/script/atg.js
172.67.173.137200 OK 0 B IP 172.67.173.137:0
GET /script/atg.js HTTP/1.1
Host: ashcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://scemga.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:04:06 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsYeMqd1h5xQQ8mpDKYtDFSfEcoFRndqO0Lhz4JeNqWUKIBGJyxBwgvyViDBSmCnx5pT9AlBOBILkVPdquixeyLvaL45rUd
x-goog-generation: 1662291096576502
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 97006
x-goog-hash: crc32c=cP6rPg==, md5=cHzYdZFLhO0KtH/SFwBqJw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Mon, 12 Sep 2022 19:49:52 GMT
cache-control: public, max-age=14400
age: 2759
last-modified: Sun, 04 Sep 2022 11:31:36 GMT
etag: W/"707cd875914b84ed0ab47fd217006a27"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DhWUb%2F8uVcn4o0FkT1Fw3vkUrQZXkCE7RqIj0UZ0%2BxqRGTSP3eTzwF2oFciKXdt2E1CbKdBukjcTfOAO3q%2Bx24EmacUtVQg2qh3g9h%2BdYyrQwRadzNk8hiYgZbd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b40156c3db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2