{"report_id":"27193125-985f-4864-b573-1c99af992aa3","version":6,"status":"done","tags":[],"date":"2024-06-03T21:27:00Z","url":{"schema":"http","addr":"www.amateur-exhibitionist.org/cgi-bin/dftop/out.cgi?ses=BU3PYj6rZv\u0026id=59\u0026url=http://fq7maijj63hnkg.robotics-deployment.com/q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es","fqdn":"www.amateur-exhibitionist.org","domain":"slurpmail.net","tld":"org"},"ip":{"addr":"88.208.36.153","port":0,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"title":"Jump into the sexy relationship"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T14:26:33Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"o.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":0,"first_seen":"2024-04-24 13:44:57","last_seen":"2024-06-02 18:33:25","alert_count":0,"request_count":2,"received_data":1399,"sent_data":650,"comment":"","tags":null,"fingerprints":null},{"fqdn":"zerossl.ocsp.sectigo.com","ip":{"addr":"172.64.149.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2018-08-16","domain_rank":4049,"first_seen":"2020-05-09 21:05:29","last_seen":"2024-06-02 20:26:18","alert_count":0,"request_count":1,"received_data":1219,"sent_data":336,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.amateur-exhibitionist.org","ip":{"addr":"88.208.36.153","port":80,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2004-03-23","domain_rank":0,"first_seen":"2013-02-07 02:06:52","last_seen":"2023-06-28 09:59:44","alert_count":0,"request_count":2,"received_data":783,"sent_data":1198,"comment":"","tags":null,"fingerprints":null},{"fqdn":"megodait.site","ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-11-09","domain_rank":0,"first_seen":"2023-11-09 17:19:55","last_seen":"2024-04-17 17:25:34","alert_count":7,"request_count":7,"received_data":956422,"sent_data":6835,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pornhub.com","ip":{"addr":"66.254.114.41","port":0,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"domain_registered":"2000-10-31","domain_rank":4903,"first_seen":"2012-05-22 03:01:29","last_seen":"2024-06-02 22:52:15","alert_count":0,"request_count":1,"received_data":201,"sent_data":407,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.pornhub.com","ip":{"addr":"66.254.114.41","port":0,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"domain_registered":"2000-10-31","domain_rank":10781,"first_seen":"2012-05-21 08:55:53","last_seen":"2024-06-02 19:29:03","alert_count":0,"request_count":2,"received_data":92105,"sent_data":820,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.xvideos.com","ip":{"addr":"185.88.181.2","port":443,"asn":46652,"as":"SERVERSTACK-ASN","country":"The Netherlands","country_code":"NL"},"domain_registered":"1997-12-30","domain_rank":11464,"first_seen":"2012-05-21 20:29:12","last_seen":"2024-05-29 18:42:03","alert_count":0,"request_count":1,"received_data":16848,"sent_data":413,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fq7maijj63hnkg.robotics-deployment.com","ip":{"addr":"91.103.253.42","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Switzerland","country_code":"CH"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":1,"received_data":734,"sent_data":472,"comment":"","tags":null,"fingerprints":null},{"fqdn":"lh3.google.com","ip":{"addr":"142.250.74.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":213,"first_seen":"2012-07-21 00:52:12","last_seen":"2024-06-01 18:12:40","alert_count":0,"request_count":1,"received_data":840,"sent_data":430,"comment":"","tags":null,"fingerprints":null},{"fqdn":"accounts.google.com","ip":{"addr":"64.233.165.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":81,"first_seen":"2016-03-20 13:44:49","last_seen":"2024-06-02 18:17:16","alert_count":0,"request_count":3,"received_data":5372,"sent_data":1759,"comment":"","tags":null,"fingerprints":null},{"fqdn":"svntrk.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"domain_registered":"2018-04-18","domain_rank":105291,"first_seen":"2018-04-27 09:41:55","last_seen":"2024-05-01 15:59:40","alert_count":0,"request_count":1,"received_data":700,"sent_data":413,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-06-03T21:26:34Z","timestamp":1717449994,"ip_dst":{"addr":"Client IP","port":59106,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"88.208.36.153","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2024-06-03T21:26:34.204601+0000\",\"flow_id\":2164118946231879,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"88.208.36.153\",\"src_port\":443,\"dest_ip\":\"172.18.0.23\",\"dest_port\":59106,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2020_11_23\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=amateurpornsexvideos.com\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL RSA Domain Secure Site CA\",\"serial\":\"64:8B:89:EA:03:68:DE:F0:C4:C1:31:4C:52:76:77:FC\",\"fingerprint\":\"47:1f:73:8f:8d:55:77:7a:4a:81:85:bf:76:f9:ba:82:6a:cc:c0:22\",\"sni\":\"www.amateur-exhibitionist.org\",\"version\":\"TLS 1.2\",\"notbefore\":\"2024-03-13T00:00:00\",\"notafter\":\"2024-06-11T23:59:59\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"303951d4c50efb2e991652225a6f02b1\",\"string\":\"771,49199,65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1321,\"bytes_toclient\":5845,\"start\":\"2024-06-03T21:26:34.046663+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-06-03T21:26:34Z","timestamp":1717449994,"ip_dst":{"addr":"Client IP","port":59106,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"88.208.36.153","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2024-06-03T21:26:34.204601+0000\",\"flow_id\":1429801945183815,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"88.208.36.153\",\"src_port\":443,\"dest_ip\":\"172.18.0.23\",\"dest_port\":59106,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2020_11_23\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=amateurpornsexvideos.com\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL RSA Domain Secure Site CA\",\"serial\":\"64:8B:89:EA:03:68:DE:F0:C4:C1:31:4C:52:76:77:FC\",\"fingerprint\":\"47:1f:73:8f:8d:55:77:7a:4a:81:85:bf:76:f9:ba:82:6a:cc:c0:22\",\"sni\":\"www.amateur-exhibitionist.org\",\"version\":\"TLS 1.2\",\"notbefore\":\"2024-03-13T00:00:00\",\"notafter\":\"2024-06-11T23:59:59\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"303951d4c50efb2e991652225a6f02b1\",\"string\":\"771,49199,65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":8,\"pkts_toclient\":7,\"bytes_toserver\":1321,\"bytes_toclient\":5845,\"start\":\"2024-06-03T21:26:34.046663+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-06-03T21:26:34Z","timestamp":1717449994,"ip_dst":{"addr":"Client IP","port":59108,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"88.208.36.153","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2024-06-03T21:26:34.473500+0000\",\"flow_id\":224689956508172,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"88.208.36.153\",\"src_port\":443,\"dest_ip\":\"172.18.0.23\",\"dest_port\":59108,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2020_11_23\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=amateurpornsexvideos.com\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL RSA Domain Secure Site CA\",\"serial\":\"64:8B:89:EA:03:68:DE:F0:C4:C1:31:4C:52:76:77:FC\",\"fingerprint\":\"47:1f:73:8f:8d:55:77:7a:4a:81:85:bf:76:f9:ba:82:6a:cc:c0:22\",\"sni\":\"www.amateur-exhibitionist.org\",\"version\":\"TLS 1.2\",\"notbefore\":\"2024-03-13T00:00:00\",\"notafter\":\"2024-06-11T23:59:59\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"303951d4c50efb2e991652225a6f02b1\",\"string\":\"771,49199,65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":7,\"bytes_toserver\":1342,\"bytes_toclient\":5794,\"start\":\"2024-06-03T21:26:34.315916+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-06-03T21:26:34Z","timestamp":1717449994,"ip_dst":{"addr":"Client IP","port":59108,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"88.208.36.153","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"severity":"low","alert":"ET INFO Observed ZeroSSL SSL/TLS Certificate","source":"{\"timestamp\":\"2024-06-03T21:26:34.473500+0000\",\"flow_id\":1816067681473036,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"88.208.36.153\",\"src_port\":443,\"dest_ip\":\"172.18.0.23\",\"dest_port\":59108,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2031231,\"rev\":3,\"signature\":\"ET INFO Observed ZeroSSL SSL/TLS Certificate\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"created_at\":[\"2020_11_23\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_12_01\"]}},\"tls\":{\"subject\":\"CN=amateurpornsexvideos.com\",\"issuerdn\":\"C=AT, O=ZeroSSL, CN=ZeroSSL RSA Domain Secure Site CA\",\"serial\":\"64:8B:89:EA:03:68:DE:F0:C4:C1:31:4C:52:76:77:FC\",\"fingerprint\":\"47:1f:73:8f:8d:55:77:7a:4a:81:85:bf:76:f9:ba:82:6a:cc:c0:22\",\"sni\":\"www.amateur-exhibitionist.org\",\"version\":\"TLS 1.2\",\"notbefore\":\"2024-03-13T00:00:00\",\"notafter\":\"2024-06-11T23:59:59\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"303951d4c50efb2e991652225a6f02b1\",\"string\":\"771,49199,65281-11\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":10,\"pkts_toclient\":7,\"bytes_toserver\":1342,\"bytes_toclient\":5794,\"start\":\"2024-06-03T21:26:34.315916+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-06-03T21:26:44Z","timestamp":1717450004,"ip_dst":{"addr":"Client IP","port":51966,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"91.103.253.42","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Switzerland","country_code":"CH"},"severity":"high","alert":"ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)","source":"{\"timestamp\":\"2024-06-03T21:26:44.932440+0000\",\"flow_id\":620831970091284,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"91.103.253.42\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":51966,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2852972,\"rev\":1,\"signature\":\"ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2022_12_20\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"WEB_CLIENT\"],\"malware_family\":[\"KeitaroTDS\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2022_12_20\"]}},\"http\":{\"hostname\":\"fq7maijj63hnkg.robotics-deployment.com\",\"url\":\"/q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":812,\"bytes_toclient\":1021,\"start\":\"2024-06-03T21:26:34.712980+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-06-03T21:26:44Z","timestamp":1717450004,"ip_dst":{"addr":"Client IP","port":51966,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"91.103.253.42","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Switzerland","country_code":"CH"},"severity":"high","alert":"ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)","source":"{\"timestamp\":\"2024-06-03T21:26:44.932440+0000\",\"flow_id\":1996256591929620,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"91.103.253.42\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":51966,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2852972,\"rev\":1,\"signature\":\"ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2022_12_20\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"WEB_CLIENT\"],\"malware_family\":[\"KeitaroTDS\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2022_12_20\"]}},\"http\":{\"hostname\":\"fq7maijj63hnkg.robotics-deployment.com\",\"url\":\"/q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":812,\"bytes_toclient\":1021,\"start\":\"2024-06-03T21:26:34.712980+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"svntrk.com/assets/mqmq_665e350b2c6c3.js","fqdn":"svntrk.com","domain":"svntrk.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d8ad98fe3471d1a74d485f9b4737bfc","sha1":"a1190f7bb41660f682d59e15c2606279da0792f7","sha256":"9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c","sha512":"7fb9f2102417806125bb6cfc40d829f98ca8cb772b9ba847562a19b7e0e6e3e1a3e78ccf464a2409741ee9074d12ca521d305c3ae16ff774e2bb6e3c462dda51","ssdeep":"768:WTW1G6kf2ckxyISuNwxJDJzFE8CYtCgkbAIlIdlIZCwXy:ljvfxyI7N8JDJJEnYsgu3ZRC","tlshash":"be0329d872c7b01e5263697a157fa046ba3abd50750d8c07da3be1c07ca5d4a023bfb9","size":40104,"data":"","first_seen":"2023-04-05T13:38:28Z","last_seen":"2026-04-04T21:42:03.83416Z","times_seen":197863,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/landings/49/js/vendor.f8ad85bd679257f7baca823f7bbac294.js","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7d8f9c893a35d600f60ff85606f211c","sha1":"6cbaf746a3dd15218b67489dd419494fedf1102e","sha256":"e4bfe00cbde71eb0b3f89160adb365838d7267a417d9f575dcbabe8b839362ef","sha512":"34c06956fda63d3c107a97d358113b616679019afdc4c13f43638d65583b7d712f22443411d2d40bd33e8aaf8a27edd01e2941e0c4537e21a25bf3c8ad23adbe","ssdeep":"1536:ZtXKfvi66SyGSA+6KXHbxmyEeprjnic6s97O9aprgrH9DOEntBs9mpg0jEhfZm0Q:rb9zpadCWgdhfZOmtJWrXX","tlshash":"4ba32bddb2c9712247a730b940bf550bf1362959680d8804f129d8eabc78e4e627bf7d","size":102872,"data":"","first_seen":"2023-05-05T23:28:41Z","last_seen":"2024-08-21T08:48:41.16471Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"zerossl.ocsp.sectigo.com/","fqdn":"zerossl.ocsp.sectigo.com","domain":"sectigo.com","tld":"com"},"ip":{"addr":"172.64.149.23","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-03T21:26:34.256037065Z","timestamp":1717449994256,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: zerossl.ocsp.sectigo.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 03 Jun 2024 21:26:34 GMT\r\nContent-Type: application/ocsp-response\r\nContent-Length: 727\r\nConnection: keep-alive\r\nLast-Modified: Sat, 01 Jun 2024 03:03:30 GMT\r\nExpires: Sat, 08 Jun 2024 03:03:29 GMT\r\nEtag: \"5198ecd04e13a210d5d069a379228eeecd444687\"\r\nCache-Control: max-age=365214,s-maxage=1800,public,no-transform,must-revalidate\r\nX-CCACDN-Proxy-ID: mcdpinlb3\r\nX-Frame-Options: SAMEORIGIN\r\nCF-Cache-Status: DYNAMIC\r\nServer: cloudflare\r\nCF-RAY: 88e2c31fae6c92f4-CPH\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":727,"size_decoded":727,"mime_type":"application/octet-stream","magic":"data","md5":"eaa0bbb98d8ca1eceac460546aafa76e","sha1":"5198ecd04e13a210d5d069a379228eeecd444687","sha256":"e87129f47a91c8b88e4822370ccb2ff595ed609e8ce5afda2c54cc6274e9516e","sha512":"0c7c05173dd83e5c5a198022e7b1a56a81f0eab4e9501d0d8760b85b6e6bc77a03db4c065b09bbaa13125657bf8cfb92633a5f6648a8e383f493737eb979b792","ssdeep":"","tlshash":"8a0110c98ebc704c6b418d38e8c5d01076e1e4b1250b9c69379e798974e5bf7ab38241","first_seen":"2024-08-19T20:52:29.391849Z","last_seen":"2024-08-19T20:52:29.391849Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.amateur-exhibitionist.org/cgi-bin/dftop/out.cgi?ses=BU3PYj6rZv\u0026id=59\u0026url=http://fq7maijj63hnkg.robotics-deployment.com/q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es","fqdn":"www.amateur-exhibitionist.org","domain":"amateur-exhibitionist.org","tld":"org"},"ip":{"addr":"88.208.36.153","port":80,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-06-03T21:26:34.466Z","timestamp":1717449994466,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cgi-bin/dftop/out.cgi?ses=BU3PYj6rZv\u0026id=59\u0026url=http://fq7maijj63hnkg.robotics-deployment.com/q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es HTTP/1.1\r\nHost: www.amateur-exhibitionist.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Mon, 03 Jun 2024 21:26:34 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: ses=SmartSessss; domain=amateur-exhibitionist.org\r\nLocation: http://fq7maijj63hnkg.robotics-deployment.com/q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":430,"size_decoded":430,"mime_type":"","magic":"HTML document, ASCII text","md5":"5b8daa18ae8be68e0d02a65aa171b9b7","sha1":"df625d75c2e08f1f50fd7da598c0c56d63f51f8b","sha256":"b7b9bef2b26505aa7f6cba2613367f27132895fe5824a2c17bf8887ae3260fa5","sha512":"7c5fb24a95e0f2b14415906fe7545f67d6e7890f69818c22efe050932023fbfc60a7cc6c7945e7f0e74e230ce620c92e3bf7302f94d6d73c93f3501bac827a72","ssdeep":"","tlshash":"f4e0a37d809e24df08e37079f45640bd6a1801a9e8568ede15c55c056985d3c637e91a","first_seen":"2024-08-19T20:52:29.392669Z","last_seen":"2024-08-19T20:52:29.392669Z","times_seen":1,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":66,"dns":0,"connect":65,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"fq7maijj63hnkg.robotics-deployment.com/q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es","fqdn":"fq7maijj63hnkg.robotics-deployment.com","domain":"robotics-deployment.com","tld":"com"},"ip":{"addr":"91.103.253.42","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Switzerland","country_code":"CH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-06-03T21:26:34.713Z","timestamp":1717449994713,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es HTTP/1.1\r\nHost: fq7maijj63hnkg.robotics-deployment.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Mon, 03 Jun 2024 21:26:34 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nCache-Control: no-cache, no-store, must-revalidate\r\nExpires: 0\r\nLocation: https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo\r\nPragma: no-cache\r\nSet-Cookie: _subid=376l60j2qdc5v; expires=Thu, 04 Jul 2024 21:26:34 GMT; path=/\nb15e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3MlwiOjE3MTc0NDk5OTR9LFwiY2FtcGFpZ25zXCI6e1wiMzJcIjoxNzE3NDQ5OTk0fSxcInRpbWVcIjoxNzE3NDQ5OTk0fSJ9.3SgRbWofAE1-DpOmk7mUeytzO8oYwJDQz1k2w4YyX08; expires=Sun, 06 Nov 2078 18:53:08 GMT; path=/\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":39,"dns":0,"connect":39,"send":0,"wait":130,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2024-06-03T21:26:44Z","timestamp":1717450004,"ip_dst":{"addr":"172.18.0.23","port":51966,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"91.103.253.42","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Switzerland","country_code":"CH"},"severity":"high","alert":"ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)","source":"{\"timestamp\":\"2024-06-03T21:26:44.932440+0000\",\"flow_id\":620831970091284,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"91.103.253.42\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":51966,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2852972,\"rev\":1,\"signature\":\"ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2022_12_20\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"WEB_CLIENT\"],\"malware_family\":[\"KeitaroTDS\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2022_12_20\"]}},\"http\":{\"hostname\":\"fq7maijj63hnkg.robotics-deployment.com\",\"url\":\"/q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":812,\"bytes_toclient\":1021,\"start\":\"2024-06-03T21:26:34.712980+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-06-03T21:26:44Z","timestamp":1717450004,"ip_dst":{"addr":"172.18.0.23","port":51966,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"91.103.253.42","port":80,"asn":210644,"as":"Aeza International Ltd","country":"Switzerland","country_code":"CH"},"severity":"high","alert":"ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)","source":"{\"timestamp\":\"2024-06-03T21:26:44.932440+0000\",\"flow_id\":1996256591929620,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"91.103.253.42\",\"src_port\":80,\"dest_ip\":\"172.18.0.23\",\"dest_port\":51966,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2852972,\"rev\":1,\"signature\":\"ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)\",\"category\":\"A Network Trojan was detected\",\"severity\":1,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2022_12_20\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"WEB_CLIENT\"],\"malware_family\":[\"KeitaroTDS\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2022_12_20\"]}},\"http\":{\"hostname\":\"fq7maijj63hnkg.robotics-deployment.com\",\"url\":\"/q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":812,\"bytes_toclient\":1021,\"start\":\"2024-06-03T21:26:34.712980+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/landings/49/fonts/vendor.6b5b94f24f5f6faa046088f1cefa11fc.css","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:35.478Z","timestamp":1717449995478,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"megodait.site","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 May 2024 17:31:30 GMT","end":"Fri, 02 Aug 2024 17:31:29 GMT"},"fingerprint":{"sha1":"E4:43:1B:23:F5:BF:70:BA:34:1E:C8:CF:45:92:20:01:ED:F4:9D:CE","sha256":"E7:5D:76:69:B4:8F:23:63:2A:F5:2A:A0:FE:47:E3:D6:54:F5:F5:23:3F:BB:60:41:9D:86:9D:5D:92:23:10:AE"}}},"request":{"raw":"GET /landings/49/fonts/vendor.6b5b94f24f5f6faa046088f1cefa11fc.css HTTP/1.1\r\nHost: megodait.site\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo\r\nCookie: XSRF-TOKEN=eyJpdiI6IlVpS00vL3NHQm9rdXZWaFppWVM2TkE9PSIsInZhbHVlIjoialUwTnVPeURnd1lFV1A5YzM5N1ZhVU5wQmIrbDA2VUt1OG52MHUvTkZiMm1FbDNJdzJmL3dIQWplTzVDTTBxQyIsIm1hYyI6ImFkMmU0NjI0MmM2Yjk1MDM5YjkzYjAzOTQzNzkzNDFkYjI3MmZjZWIxN2U0OGQyZTA4NWZlNTE2OGY2NDkyOGEifQ%3D%3D; laravel_session=eyJpdiI6Ik1MVnMyaGFzRDlmU0c5SzAyWXVsREE9PSIsInZhbHVlIjoiQ0VNUkxhT3YxbTVjOG5FOHlDSFZlK0tXanhzN1RzZzEwNUljcW92TjMzS0d1K0VYSGFoMG9nUi8yREM3aVM1OCIsIm1hYyI6ImE4YmRiYWYyOWJlMmI1ZDkxNjVlMWY4YjEwOGMzMzMxYzgzOTE3OWRkZTRiNGI5OWRhOTM5NGMxNjlkMGVlMjcifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 21:26:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 09 Apr 2024 11:06:01 GMT\r\netag: W/\"66152119-3ee9\"\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Kk0lK29wOoAqJBU3ePTkNnTMEWClQBDreGvaJQ8LLRlkT6CqpVCIv35lEfJ4AInx9C1Q8X7ctZ%2F6sJeRQCMD4lpbYkivWjb7vI1GBIh6kgtIeO8WJRG6qwqQRYqEWIK6\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e2c327c9dbbe47-CPH\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11017,"size_decoded":16105,"mime_type":"text/css","magic":"ASCII text, with very long lines (16104)","md5":"ab2d5df08523531ff8fab2c163ae1253","sha1":"29770fa082ba368e9467a7734cbc61aaabefe701","sha256":"006922627f31bf2111fb0921286bdd1bc39c282aa50a32ef2373f803d80c8ad1","sha512":"a8c722a5e0c6aee493e389daffbd946e0d8104aee06af41bee98f2a07f16ffb3dedcb2f03d248e05fec73a4ac8339e0b77c2961cbcc699dad0b442f2b8203f58","ssdeep":"384:LBSPZEHw5pDIvHrXwxPTvlxQPDvScakJhPrH:LB6ZEHwP3WPrSfkJhPrH","tlshash":"527264268eda207ff6370b7637ca1f586d1b552260194d3af52ea824cd86d770270f1a","first_seen":"2023-04-16T18:43:27Z","last_seen":"2024-08-31T08:27:57.774241Z","times_seen":16,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:35.477Z","timestamp":1717449995477,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"megodait.site","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 May 2024 17:31:30 GMT","end":"Fri, 02 Aug 2024 17:31:29 GMT"},"fingerprint":{"sha1":"E4:43:1B:23:F5:BF:70:BA:34:1E:C8:CF:45:92:20:01:ED:F4:9D:CE","sha256":"E7:5D:76:69:B4:8F:23:63:2A:F5:2A:A0:FE:47:E3:D6:54:F5:F5:23:3F:BB:60:41:9D:86:9D:5D:92:23:10:AE"}}},"request":{"raw":"GET /scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js HTTP/1.1\r\nHost: megodait.site\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo\r\nCookie: XSRF-TOKEN=eyJpdiI6IlVpS00vL3NHQm9rdXZWaFppWVM2TkE9PSIsInZhbHVlIjoialUwTnVPeURnd1lFV1A5YzM5N1ZhVU5wQmIrbDA2VUt1OG52MHUvTkZiMm1FbDNJdzJmL3dIQWplTzVDTTBxQyIsIm1hYyI6ImFkMmU0NjI0MmM2Yjk1MDM5YjkzYjAzOTQzNzkzNDFkYjI3MmZjZWIxN2U0OGQyZTA4NWZlNTE2OGY2NDkyOGEifQ%3D%3D; laravel_session=eyJpdiI6Ik1MVnMyaGFzRDlmU0c5SzAyWXVsREE9PSIsInZhbHVlIjoiQ0VNUkxhT3YxbTVjOG5FOHlDSFZlK0tXanhzN1RzZzEwNUljcW92TjMzS0d1K0VYSGFoMG9nUi8yREM3aVM1OCIsIm1hYyI6ImE4YmRiYWYyOWJlMmI1ZDkxNjVlMWY4YjEwOGMzMzMxYzgzOTE3OWRkZTRiNGI5OWRhOTM5NGMxNjlkMGVlMjcifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 21:26:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Tue, 09 Apr 2024 11:06:23 GMT\r\netag: W/\"6615212f-9ca8\"\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1209\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=IWGE62aSIDB6LWgJZ2Jdfk4XPJAWjNN%2FVYzRJDsM%2Fr8X9xYoj%2Bfr9V1I35cCLqKjxo%2FTAPx0FwUDLxusDcmwxVwus7gSpXx41kAHtpgC8OM49zs0kcXLEoEx1Nq4jHdV\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e2c327c9ccbe47-CPH\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":324395,"size_decoded":40104,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (40096)","md5":"1d8ad98fe3471d1a74d485f9b4737bfc","sha1":"a1190f7bb41660f682d59e15c2606279da0792f7","sha256":"9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c","sha512":"7fb9f2102417806125bb6cfc40d829f98ca8cb772b9ba847562a19b7e0e6e3e1a3e78ccf464a2409741ee9074d12ca521d305c3ae16ff774e2bb6e3c462dda51","ssdeep":"768:WTW1G6kf2ckxyISuNwxJDJzFE8CYtCgkbAIlIdlIZCwXy:ljvfxyI7N8JDJJEnYsgu3ZRC","tlshash":"be0329d872c7b01e5263697a157fa046ba3abd50750d8c07da3be1c07ca5d4a023bfb9","first_seen":"2023-04-05T13:38:28Z","last_seen":"2026-04-04T21:42:03.83416Z","times_seen":197863,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/favicon.ico","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:36.014Z","timestamp":1717449996014,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"megodait.site","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 May 2024 17:31:30 GMT","end":"Fri, 02 Aug 2024 17:31:29 GMT"},"fingerprint":{"sha1":"E4:43:1B:23:F5:BF:70:BA:34:1E:C8:CF:45:92:20:01:ED:F4:9D:CE","sha256":"E7:5D:76:69:B4:8F:23:63:2A:F5:2A:A0:FE:47:E3:D6:54:F5:F5:23:3F:BB:60:41:9D:86:9D:5D:92:23:10:AE"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: megodait.site\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo\r\nCookie: XSRF-TOKEN=eyJpdiI6IlVpS00vL3NHQm9rdXZWaFppWVM2TkE9PSIsInZhbHVlIjoialUwTnVPeURnd1lFV1A5YzM5N1ZhVU5wQmIrbDA2VUt1OG52MHUvTkZiMm1FbDNJdzJmL3dIQWplTzVDTTBxQyIsIm1hYyI6ImFkMmU0NjI0MmM2Yjk1MDM5YjkzYjAzOTQzNzkzNDFkYjI3MmZjZWIxN2U0OGQyZTA4NWZlNTE2OGY2NDkyOGEifQ%3D%3D; laravel_session=eyJpdiI6Ik1MVnMyaGFzRDlmU0c5SzAyWXVsREE9PSIsInZhbHVlIjoiQ0VNUkxhT3YxbTVjOG5FOHlDSFZlK0tXanhzN1RzZzEwNUljcW92TjMzS0d1K0VYSGFoMG9nUi8yREM3aVM1OCIsIm1hYyI6ImE4YmRiYWYyOWJlMmI1ZDkxNjVlMWY4YjEwOGMzMzMxYzgzOTE3OWRkZTRiNGI5OWRhOTM5NGMxNjlkMGVlMjcifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 21:26:36 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 0\r\nlast-modified: Tue, 09 Apr 2024 11:06:20 GMT\r\netag: \"6615212c-0\"\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 3623\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=3QygW6CqpaZq0NPe4P1XLMELXirlzVMDx9MG3vjGWqQS6StxUD%2B3GEuRxmGAMLQp4vOPmmTIrJTa6ByuBfv52nH3bePOFfotoDaxUVeQRcuEDLjlfdSHbWeF5OCw2tHR\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e2c32b2fa7be47-CPH\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/landings/49/images/8.png","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:35.801Z","timestamp":1717449995801,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"megodait.site","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 May 2024 17:31:30 GMT","end":"Fri, 02 Aug 2024 17:31:29 GMT"},"fingerprint":{"sha1":"E4:43:1B:23:F5:BF:70:BA:34:1E:C8:CF:45:92:20:01:ED:F4:9D:CE","sha256":"E7:5D:76:69:B4:8F:23:63:2A:F5:2A:A0:FE:47:E3:D6:54:F5:F5:23:3F:BB:60:41:9D:86:9D:5D:92:23:10:AE"}}},"request":{"raw":"GET /landings/49/images/8.png HTTP/1.1\r\nHost: megodait.site\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://megodait.site/landings/49/fonts/vendor.6b5b94f24f5f6faa046088f1cefa11fc.css\r\nCookie: XSRF-TOKEN=eyJpdiI6IlVpS00vL3NHQm9rdXZWaFppWVM2TkE9PSIsInZhbHVlIjoialUwTnVPeURnd1lFV1A5YzM5N1ZhVU5wQmIrbDA2VUt1OG52MHUvTkZiMm1FbDNJdzJmL3dIQWplTzVDTTBxQyIsIm1hYyI6ImFkMmU0NjI0MmM2Yjk1MDM5YjkzYjAzOTQzNzkzNDFkYjI3MmZjZWIxN2U0OGQyZTA4NWZlNTE2OGY2NDkyOGEifQ%3D%3D; laravel_session=eyJpdiI6Ik1MVnMyaGFzRDlmU0c5SzAyWXVsREE9PSIsInZhbHVlIjoiQ0VNUkxhT3YxbTVjOG5FOHlDSFZlK0tXanhzN1RzZzEwNUljcW92TjMzS0d1K0VYSGFoMG9nUi8yREM3aVM1OCIsIm1hYyI6ImE4YmRiYWYyOWJlMmI1ZDkxNjVlMWY4YjEwOGMzMzMxYzgzOTE3OWRkZTRiNGI5OWRhOTM5NGMxNjlkMGVlMjcifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 21:26:35 GMT\r\ncontent-type: image/png\r\ncontent-length: 197562\r\nlast-modified: Tue, 09 Apr 2024 11:06:01 GMT\r\netag: \"66152119-303ba\"\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Qtr%2BM7Dg6oTILIV5Qbmo9nbAlzpWii9GNKcUebOSiPFvs98nmzRU0Zf5LNT2xowWZ60QcvmHfDzBjBusXiX7t96w%2FJzn6H8jGm8kxmY7MPYaK7AhHfALeKDHn1YIbcvz\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e2c329dd24be47-CPH\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":197562,"size_decoded":197562,"mime_type":"image/png","magic":"PNG image data, 1366 x 818, 8-bit colormap, non-interlaced","md5":"4772fbf81f7ce2e460c0c95405dec021","sha1":"5b608dbd10a2b088c734948df093e5c68eee7b38","sha256":"72dbb2aac4b0cf2baf6f2c898ab609fd6a0594de7535a5be4d95b833f3f9aeae","sha512":"19c248330d1ca00e9828e1c8ecb52c4a6247a54301fc38c4aad07b7ff7de7cd69df54f53ac3965e4f7f184ab80c64a6058535816c631ef04b7ab48d4fd43bd4b","ssdeep":"6144:qsl2qbDVve1Dqe66oFUUJSsqjbzo8teMsJfl5SWta:qO2IDopVUJ1sbReMsL5za","tlshash":"19141260465d43a1810a4d4b226a8c1efadff8b8c6736b0c917d7f09abeccd6e1453d6","first_seen":"2023-07-25T09:32:36Z","last_seen":"2024-08-31T08:27:57.765926Z","times_seen":15,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":193,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pornhub.com/video/manage?o=mr\u0026t=pr2","fqdn":"pornhub.com","domain":"pornhub.com","tld":"com"},"ip":{"addr":"66.254.114.41","port":0,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:36.164Z","timestamp":1717449996164,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pornhub.com","organization":"AYLO Freesites Ltd"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 15 Jan 2024 00:00:00 GMT","end":"Fri, 14 Feb 2025 23:59:59 GMT"},"fingerprint":{"sha1":"D6:BD:14:72:10:1B:49:A3:2B:24:7E:E7:CF:F6:A0:38:5E:5A:3F:DE","sha256":"68:17:25:22:36:45:1F:24:41:1B:49:1E:66:C1:B3:92:04:34:6B:1E:22:E4:AC:57:5A:21:07:78:94:E4:DC:27"}}},"request":{"raw":"GET /video/manage?o=mr\u0026t=pr2 HTTP/1.1\r\nHost: pornhub.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://megodait.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-length: 0\r\nlocation: https://www.pornhub.com/video/manage?o=mr\u0026t=pr2\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":100,"dns":1,"connect":21,"send":0,"wait":22,"receive":1,"ssl":91},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/landings/49/fonts/Lato/Lato-Regular.woff","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:35.805Z","timestamp":1717449995805,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"megodait.site","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 May 2024 17:31:30 GMT","end":"Fri, 02 Aug 2024 17:31:29 GMT"},"fingerprint":{"sha1":"E4:43:1B:23:F5:BF:70:BA:34:1E:C8:CF:45:92:20:01:ED:F4:9D:CE","sha256":"E7:5D:76:69:B4:8F:23:63:2A:F5:2A:A0:FE:47:E3:D6:54:F5:F5:23:3F:BB:60:41:9D:86:9D:5D:92:23:10:AE"}}},"request":{"raw":"GET /landings/49/fonts/Lato/Lato-Regular.woff HTTP/1.1\r\nHost: megodait.site\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://megodait.site/landings/49/fonts/vendor.6b5b94f24f5f6faa046088f1cefa11fc.css\r\nCookie: XSRF-TOKEN=eyJpdiI6IlVpS00vL3NHQm9rdXZWaFppWVM2TkE9PSIsInZhbHVlIjoialUwTnVPeURnd1lFV1A5YzM5N1ZhVU5wQmIrbDA2VUt1OG52MHUvTkZiMm1FbDNJdzJmL3dIQWplTzVDTTBxQyIsIm1hYyI6ImFkMmU0NjI0MmM2Yjk1MDM5YjkzYjAzOTQzNzkzNDFkYjI3MmZjZWIxN2U0OGQyZTA4NWZlNTE2OGY2NDkyOGEifQ%3D%3D; laravel_session=eyJpdiI6Ik1MVnMyaGFzRDlmU0c5SzAyWXVsREE9PSIsInZhbHVlIjoiQ0VNUkxhT3YxbTVjOG5FOHlDSFZlK0tXanhzN1RzZzEwNUljcW92TjMzS0d1K0VYSGFoMG9nUi8yREM3aVM1OCIsIm1hYyI6ImE4YmRiYWYyOWJlMmI1ZDkxNjVlMWY4YjEwOGMzMzMxYzgzOTE3OWRkZTRiNGI5OWRhOTM5NGMxNjlkMGVlMjcifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 21:26:36 GMT\r\ncontent-type: application/font-woff\r\ncontent-length: 308680\r\nlast-modified: Tue, 09 Apr 2024 11:06:01 GMT\r\netag: \"66152119-4b5c8\"\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=1Wo2jT3wnRxjAnhZd4wmlsLol1%2FDlTxJD2h9EP8YAX%2B%2FUmez3DoLyhNQGPKWct7CWbo%2FUC3ccfAUVL6N5klf%2BGF0dvQIv3scf%2BiWjjwqByjU0jKw8gIuG23H3Kr4DXoy\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e2c32d1b26be47-CPH\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":308680,"size_decoded":308680,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 308680, version 0.0","md5":"cd6c6aac15595c65e75760bce456198a","sha1":"43f6b15d9dedd33637cc5f34d80f7f2613bc28a6","sha256":"7cf624c2cd85b4ac2c7b44b09627034156408931974cdbcec6df1223ea7a24e3","sha512":"64eddf2a6c9447a0f7f7e8ce90f798625bc44c7e58faa3162c70e5f217f446b914b60d0bffc614a92835709bd7af4b10e84c89fb45c63677672c3e52a87b627d","ssdeep":"6144:zlck6aUI+tXd2W/fnSoqxH1jApMpnbP+upsJH3H:zld3T+tXd1fnSBxKujDs1","tlshash":"ab64236fd834aa76828ff4b7f856f2b783c1d24891f67c188a460742c7fd4986a63134","first_seen":"2023-04-07T13:43:21Z","last_seen":"2026-04-01T13:33:13.292694Z","times_seen":116,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":127,"receive":110,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.pornhub.com/login","fqdn":"www.pornhub.com","domain":"pornhub.com","tld":"com"},"ip":{"addr":"66.254.114.41","port":0,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:36.508Z","timestamp":1717449996508,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pornhub.com","organization":"AYLO Freesites Ltd"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 15 Jan 2024 00:00:00 GMT","end":"Fri, 14 Feb 2025 23:59:59 GMT"},"fingerprint":{"sha1":"D6:BD:14:72:10:1B:49:A3:2B:24:7E:E7:CF:F6:A0:38:5E:5A:3F:DE","sha256":"68:17:25:22:36:45:1F:24:41:1B:49:1E:66:C1:B3:92:04:34:6B:1E:22:E4:AC:57:5A:21:07:78:94:E4:DC:27"}}},"request":{"raw":"GET /login HTTP/1.1\r\nHost: www.pornhub.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://megodait.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 03 Jun 2024 21:26:36 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: platform=pc; expires=Mon, 10-Jun-2024 21:26:36 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure\nss=771901747005447749; expires=Tue, 03-Jun-2025 21:26:36 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure\n__s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure\n__l=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure\n__s=665E350C-42FE722901BB2082F3-564C5FA; Secure; Samesite=None\n__l=665E350C-42FE722901BB2082F3-564C5FA; Secure; Samesite=None; Max-Age=31556926\r\nx-frame-options: SAMEORIGIN\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nvary: User-Agent\r\nrating: RTA-5042-1996-1400-1577-RTA\r\ncontent-encoding: gzip\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":89881,"size_decoded":89881,"mime_type":"","magic":"gzip compressed data, max speed, from Unix","md5":"45d534f4104f90fff261ecc0410d7843","sha1":"872beabeedd13463626cdf7b1ebc40452947e42f","sha256":"ebfb7c75348009908923e0ec941af3a63438e5c38215688a6e2e482222a16066","sha512":"e6d153a253f76089256523d2decedd0d9459730c011512642693beb0f583aa59263516a0042f0d9ac46eb111c013277570764963e550b614eb5ccd297f37097a","ssdeep":"1536:o2Lr8uFDFtaDLOKBk8bmhRjFKbPPdkk+m4J/YcUAx0TGjgFrTvapfN/JgzKudZE6:osoXDaKLmhCFsQux0TGj6ep1/OzKu86","tlshash":"a49302c9b5401ab311db511cbf051863899eb37ad8968b015bf83fd5279c9b0fbdb181","first_seen":"2024-08-19T20:52:29.397452Z","last_seen":"2024-08-19T20:52:29.397452Z","times_seen":1,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100","fqdn":"lh3.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.110","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:36.606Z","timestamp":1717449996606,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 13 May 2024 06:34:53 GMT","end":"Mon, 05 Aug 2024 06:34:52 GMT"},"fingerprint":{"sha1":"30:F9:AB:54:EF:99:7C:03:35:58:25:98:7E:AD:77:64:88:9E:1F:99","sha256":"F5:C0:89:C0:43:12:75:30:6F:0B:1A:DE:09:DF:34:7C:2E:7A:F2:3B:BA:0A:FC:57:5C:30:A8:0C:CD:8D:4B:EF"}}},"request":{"raw":"GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1\r\nHost: lh3.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nlocation: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\r\ncache-control: private\r\nvary: Origin\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Mon, 03 Jun 2024 21:26:36 GMT\r\nserver: fife\r\ncontent-length: 337\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":337,"size_decoded":337,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"66a43eafe19fd2e9782007272dd06ced","sha1":"9d5112f8b4482ef224d10b0d0a17bfaf053e8e23","sha256":"f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb","sha512":"cd7f21d06bc9b8b09952b0c60efa9a87890ef0f2e66d13c46c42a56f99c3320a6b00fae45cee11864acdff7784c570626e90d2270f94bc987d35a57aaf580b4f","ssdeep":"","tlshash":"a8e026fb5c8c24a71663bae5781995b8d8612209954ae98e86b4092408e8e2d81c26e1","first_seen":"2023-04-05T13:38:28Z","last_seen":"2025-02-23T06:32:43.876331Z","times_seen":1228,"resource_available":false,"data":null}},"time_used":423,"timings":{"blocked":198,"dns":0,"connect":9,"send":0,"wait":26,"receive":0,"ssl":184},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.xvideos.com/favorite/90902157/mk_1123","fqdn":"www.xvideos.com","domain":"xvideos.com","tld":"com"},"ip":{"addr":"185.88.181.2","port":443,"asn":46652,"as":"SERVERSTACK-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:36.149Z","timestamp":1717449996149,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.xvideos.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 21 Jan 2024 00:00:00 GMT","end":"Mon, 27 Jan 2025 23:59:59 GMT"},"fingerprint":{"sha1":"2C:4F:6C:92:E4:3F:3E:7B:FD:E2:28:A6:4C:76:4E:23:82:C0:B3:5B","sha256":"84:D6:41:A6:94:D0:5E:4D:C2:C5:EA:C6:4E:67:7E:8A:65:1A:57:BA:E0:5A:15:34:61:E5:F6:20:38:E6:1F:04"}}},"request":{"raw":"GET /favorite/90902157/mk_1123 HTTP/1.1\r\nHost: www.xvideos.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://megodait.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Mon, 03 Jun 2024 21:26:36 GMT\r\nP3p: policyref=\"/p3p.xml\", CP=\"NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT\"\r\nAccept-Ch: Viewport-Width, Width, Device-Memory, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness\r\nVary: Accept-Encoding,User-Agent,Accept-Language,Cookie\r\nX-Frame-Options: SAMEORIGIN\r\nReport-To: {\"group\": \"csp-endpoint\", \"max_age\": 10886400, \"endpoints\": [ { \"url\": \"https://www.xvideos.com/csp-reports\" } ] }\r\nContent-Security-Policy: default-src 'self' data: 'unsafe-inline' 'unsafe-eval' blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com 1868565294.rsc.cdn77.org static.cloudflareinsights.com www.google.com www.gstatic.com fonts.gstatic.com fonts.googleapis.com ajax.googleapis.com fcm.googleapis.com accounts.google.com *.cdn77.org  *.nk-img.com  *.segpay.com  *.online-metrix.net *.vscdns.com *.vsmvideo.com www.tjk-njk.com *.orbsrv.com *.opoxv.com *.exdynsrv.com *.afcdn.net *.aucdn.net *.tf4srv.com *.aacdn.net *.adglare.net www.flirt4free.com www.ohmybutt.com www.secretpartners.com *.asf4f.us *.livejasmin.com *.jsmcrptjmp.com *.awemwh.com etahub.com ctrack.trafficjunky.net tracking.sexcash.com *.gtflixtv.com wss://*.1ka.com https://*.1ka.com https://media.1ka.com https://u.1ka.com https://n.1ka.com;img-src 'self' 'unsafe-inline' data: blob: *.xvideos.com *.xnxx.com *.red-cdn.com *.gold-cdn.com *.xvideos-cdn.com *.xnxx-cdn.com *.others-cdn.com *.cdn77.org www.google.com www.google-analytics.com ssl.gstatic.com *.nk-img.com *.camster.com data-cdn.pornbiz.com *.vscdns.com *.vsmvideo.com *.doubleclick.net *.google.fr *.google.com *.segpay.com *.online-metrix.net cdn.asf4f.us *.gtflixtv.com *.1ka.com *.orbsrv.com *.exdynsrv.com *.afcdn.net *.aucdn.net *.justservingfiles.net *.tf4srv.com *.aacdn.net *.rtbsuperhub.com; report-uri https://www.xvideos.com/csp-reports; report-to csp-endpoint\r\nReferrer-Policy: no-referrer-when-downgrade\r\nX-Robots-Tag: noindex\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=utf-8\r\nServer: nginx\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":14649,"size_decoded":14649,"mime_type":"text/html; charset=utf-8","magic":"data","md5":"afcbbd34298f58fa25c6b40ca3b10312","sha1":"e9f7e7518b2d5456f4e4efa3507467c5edcd248d","sha256":"74858afca756b27a17f3ca44c12325c00dce4e354b371dd2f7db60f7ce2b1d38","sha512":"64311d9fad9b7d1f4d25f6858387f2e4d48784c21cd1878af9ab056f3e9eaa731be01ce62a31221376bcae47346823aef988cf6d450cca131e7ce8be710b14d0","ssdeep":"192:4gqONut4X90YXs5x9zcZtilf7W0Pb25WG/cmbyVyY/RODCM:xqOstK90bTcPcGUX/O7","tlshash":"3a62443d006eacaecdf3e5c35907051c57676a55f08aec5ce79ead4f50a70c0822e9ab","first_seen":"2024-08-19T20:52:29.399102Z","last_seen":"2024-08-19T20:52:29.399102Z","times_seen":1,"resource_available":false,"data":null}},"time_used":527,"timings":{"blocked":228,"dns":60,"connect":17,"send":0,"wait":60,"receive":2,"ssl":153},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-03T21:26:36.952060899Z","timestamp":1717449996952,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Mon, 03 Jun 2024 21:26:36 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":471,"mime_type":"application/octet-stream","magic":"data","md5":"bafb5c04d463cb4dffbdca55262dae3d","sha1":"92669b306a805a25de18bf8be768b0943589704b","sha256":"1efd9ae117785bc26f1d6be671f7539a559c517679731391d4b3af00a168bd63","sha512":"47cdec2f41ac1365176a387dd5f88b5d9793eccd810efc5e924423c356ebc12f00ab7c1f2bc6f867d3135e2275741f7cfd6770f7c0346943a9d6d9b53e2c7449","ssdeep":"","tlshash":"d8f0dc2807b9b820e9038caa9acde4b364a00ada240c74592234e5f5286df9b1a05b68","first_seen":"2024-06-03T18:53:45Z","last_seen":"2024-08-19T20:54:21.620737Z","times_seen":38,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"64.233.165.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:36.838Z","timestamp":1717449996838,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 May 2024 07:36:16 GMT","end":"Mon, 05 Aug 2024 07:36:15 GMT"},"fingerprint":{"sha1":"22:6B:45:EF:D4:F4:EB:FF:56:89:7F:D7:12:E0:A7:3B:12:AE:76:87","sha256":"3F:6B:49:F0:46:20:2D:BA:59:CF:00:40:7A:B1:E0:0C:BD:26:34:5C:D6:D1:DD:53:8E:25:E7:85:09:FC:1F:D3"}}},"request":{"raw":"GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:-4SvtiMTzUR4-fRbS5WbuexNAl6J8w:l0BoxUGOj9mvTW3o; Expires=Wed, 03-Jun-2026 21:26:36 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Mon, 03 Jun 2024 21:26:36 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AS5LTASIs3jYVT2ktt2cZyRk8T9N_2rPir0UjK_zbWtMhdEnfhBvhTSXsKDQqc4Q98GAuQYxs2P28w\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: unsafe-none\r\ncontent-security-policy: script-src 'nonce-n4X2OtZDVFAEt-vxzbeVxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":117,"dns":16,"connect":15,"send":0,"wait":28,"receive":1,"ssl":80},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AS5LTASIs3jYVT2ktt2cZyRk8T9N_2rPir0UjK_zbWtMhdEnfhBvhTSXsKDQqc4Q98GAuQYxs2P28w","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"64.233.165.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:36.990Z","timestamp":1717449996990,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 May 2024 07:36:16 GMT","end":"Mon, 05 Aug 2024 07:36:15 GMT"},"fingerprint":{"sha1":"22:6B:45:EF:D4:F4:EB:FF:56:89:7F:D7:12:E0:A7:3B:12:AE:76:87","sha256":"3F:6B:49:F0:46:20:2D:BA:59:CF:00:40:7A:B1:E0:0C:BD:26:34:5C:D6:D1:DD:53:8E:25:E7:85:09:FC:1F:D3"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AS5LTASIs3jYVT2ktt2cZyRk8T9N_2rPir0UjK_zbWtMhdEnfhBvhTSXsKDQqc4Q98GAuQYxs2P28w HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:x30YtqGiu0Z4yMhR5ZeMiy5X2ie0Cw:FDT4wkxb9X5bL5Rj;Path=/;Expires=Wed, 03-Jun-2026 21:26:37 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Mon, 03 Jun 2024 21:26:37 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AS5LTATo7HSL4-KJbjTHj4YO1EkhVHEwa3ByBgPWrdEBLzMOIfhIEXO6yPZ3t1YXINxBw9blcZKG\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-668949794%3A1717449997021458\u0026ddm=0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Vyusv6fWYYak46J6u2pvwg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 434\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":434,"size_decoded":560,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (394)","md5":"d9cad6ed926be202aa6068293eaedbf4","sha1":"d7305996998111172599f71716f1e8c613dc5895","sha256":"bb9263fc320a5a7e8a2e3a8e8a6f104372a5de2c612e7f5041ba16cb41e505f5","sha512":"6e4779b5c33ebe4d66694fc818e207fceaf998a5802b4263add8d2b2a8d438e85e7bb23a2010b025e6ca168075e5859b5d528a1e1524b6a984e9ec4961be3830","ssdeep":"","tlshash":"65f0816b0e8911e6580369f6b810709ce4b5291c34d9b4b920f59705099891e65523b5","first_seen":"2024-08-19T20:52:29.401133Z","last_seen":"2024-08-19T20:52:29.401133Z","times_seen":1,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"o.pki.goog/wr2","fqdn":"o.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-03T21:26:37.080801Z","timestamp":1717449997080,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /wr2 HTTP/1.1\r\nHost: o.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Mon, 03 Jun 2024 21:26:37 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":472,"mime_type":"application/octet-stream","magic":"data","md5":"e67f397f242ad05a9078ccb72dc7f457","sha1":"aae5b51a71e8f3d55aac53ca1335ff61769f9247","sha256":"ad5800b7511e35108be6a5a38bbffc24a2b938dbd11ddf1657c8d984787bd702","sha512":"f14e8848f6c583c695cc19805ebb5aead0e2a3662f7294d56b12d09579ce89370804b2c29b5606d94e3fba4a9e447a73c2417826eeaa146569227932cbda4f10","ssdeep":"","tlshash":"25f0d444b9f37f098f11cc59a5ccbb5538c55fd46d581a093936b34159449be0704fd8","first_seen":"2024-06-03T13:34:59Z","last_seen":"2024-08-19T20:55:41.115821Z","times_seen":54,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/landings/49/js/vendor.f8ad85bd679257f7baca823f7bbac294.js","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:35.480Z","timestamp":1717449995480,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"megodait.site","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 May 2024 17:31:30 GMT","end":"Fri, 02 Aug 2024 17:31:29 GMT"},"fingerprint":{"sha1":"E4:43:1B:23:F5:BF:70:BA:34:1E:C8:CF:45:92:20:01:ED:F4:9D:CE","sha256":"E7:5D:76:69:B4:8F:23:63:2A:F5:2A:A0:FE:47:E3:D6:54:F5:F5:23:3F:BB:60:41:9D:86:9D:5D:92:23:10:AE"}}},"request":{"raw":"GET /landings/49/js/vendor.f8ad85bd679257f7baca823f7bbac294.js HTTP/1.1\r\nHost: megodait.site\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo\r\nCookie: XSRF-TOKEN=eyJpdiI6IlVpS00vL3NHQm9rdXZWaFppWVM2TkE9PSIsInZhbHVlIjoialUwTnVPeURnd1lFV1A5YzM5N1ZhVU5wQmIrbDA2VUt1OG52MHUvTkZiMm1FbDNJdzJmL3dIQWplTzVDTTBxQyIsIm1hYyI6ImFkMmU0NjI0MmM2Yjk1MDM5YjkzYjAzOTQzNzkzNDFkYjI3MmZjZWIxN2U0OGQyZTA4NWZlNTE2OGY2NDkyOGEifQ%3D%3D; laravel_session=eyJpdiI6Ik1MVnMyaGFzRDlmU0c5SzAyWXVsREE9PSIsInZhbHVlIjoiQ0VNUkxhT3YxbTVjOG5FOHlDSFZlK0tXanhzN1RzZzEwNUljcW92TjMzS0d1K0VYSGFoMG9nUi8yREM3aVM1OCIsIm1hYyI6ImE4YmRiYWYyOWJlMmI1ZDkxNjVlMWY4YjEwOGMzMzMxYzgzOTE3OWRkZTRiNGI5OWRhOTM5NGMxNjlkMGVlMjcifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 21:26:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Tue, 09 Apr 2024 11:06:01 GMT\r\netag: W/\"66152119-191d8\"\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=wyVcT5ZOsmcKrCmsdLM9Gmrl6LVxmUQq6bI%2BzgpEqTKya2R%2BoNuVAugye9iXSIjiBZ2A55clTjpLopTXcgWYd5vUTE4AbZz4BRfq8%2BLT%2BOfiKs7kJtU%2B5C%2BuYyavL3AO\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e2c327c9e8be47-CPH\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102872,"size_decoded":102872,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a7d8f9c893a35d600f60ff85606f211c","sha1":"6cbaf746a3dd15218b67489dd419494fedf1102e","sha256":"e4bfe00cbde71eb0b3f89160adb365838d7267a417d9f575dcbabe8b839362ef","sha512":"34c06956fda63d3c107a97d358113b616679019afdc4c13f43638d65583b7d712f22443411d2d40bd33e8aaf8a27edd01e2941e0c4537e21a25bf3c8ad23adbe","ssdeep":"1536:ZtXKfvi66SyGSA+6KXHbxmyEeprjnic6s97O9aprgrH9DOEntBs9mpg0jEhfZm0Q:rb9zpadCWgdhfZOmtJWrXX","tlshash":"4ba32bddb2c9712247a730b940bf550bf1362959680d8804f129d8eabc78e4e627bf7d","first_seen":"2023-05-05T23:28:41Z","last_seen":"2024-08-21T08:48:41.16471Z","times_seen":129,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AS5LTATo7HSL4-KJbjTHj4YO1EkhVHEwa3ByBgPWrdEBLzMOIfhIEXO6yPZ3t1YXINxBw9blcZKG\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-668949794%3A1717449997021458\u0026ddm=0","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"64.233.165.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:37.060Z","timestamp":1717449997060,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 May 2024 07:36:16 GMT","end":"Mon, 05 Aug 2024 07:36:15 GMT"},"fingerprint":{"sha1":"22:6B:45:EF:D4:F4:EB:FF:56:89:7F:D7:12:E0:A7:3B:12:AE:76:87","sha256":"3F:6B:49:F0:46:20:2D:BA:59:CF:00:40:7A:B1:E0:0C:BD:26:34:5C:D6:D1:DD:53:8E:25:E7:85:09:FC:1F:D3"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AS5LTATo7HSL4-KJbjTHj4YO1EkhVHEwa3ByBgPWrdEBLzMOIfhIEXO6yPZ3t1YXINxBw9blcZKG\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-668949794%3A1717449997021458\u0026ddm=0 HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Mon, 03 Jun 2024 21:26:37 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-sPw6190n9eLVqObEKX7x0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.amateur-exhibitionist.org/cgi-bin/dftop/out.cgi?ses=BU3PYj6rZv\u0026id=59\u0026url=http://fq7maijj63hnkg.robotics-deployment.com/q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es","fqdn":"www.amateur-exhibitionist.org","domain":"amateur-exhibitionist.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-06-03T21:26:34.046Z","timestamp":1717449994046,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /cgi-bin/dftop/out.cgi?ses=BU3PYj6rZv\u0026id=59\u0026url=http://fq7maijj63hnkg.robotics-deployment.com/q3bCCwDV?sub1=oo\u0026keyword=gpetersen@slurpmail.net\u0026sub2=orange.es HTTP/1.1\r\nHost: www.amateur-exhibitionist.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":269,"dns":0,"connect":70,"send":0,"wait":0,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","fqdn":"megodait.site","domain":"megodait.site","tld":"site"},"ip":{"addr":"104.21.49.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-06-03T21:26:34.886Z","timestamp":1717449994886,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"megodait.site","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 May 2024 17:31:30 GMT","end":"Fri, 02 Aug 2024 17:31:29 GMT"},"fingerprint":{"sha1":"E4:43:1B:23:F5:BF:70:BA:34:1E:C8:CF:45:92:20:01:ED:F4:9D:CE","sha256":"E7:5D:76:69:B4:8F:23:63:2A:F5:2A:A0:FE:47:E3:D6:54:F5:F5:23:3F:BB:60:41:9D:86:9D:5D:92:23:10:AE"}}},"request":{"raw":"GET /?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo HTTP/1.1\r\nHost: megodait.site\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 03 Jun 2024 21:26:35 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IlVpS00vL3NHQm9rdXZWaFppWVM2TkE9PSIsInZhbHVlIjoialUwTnVPeURnd1lFV1A5YzM5N1ZhVU5wQmIrbDA2VUt1OG52MHUvTkZiMm1FbDNJdzJmL3dIQWplTzVDTTBxQyIsIm1hYyI6ImFkMmU0NjI0MmM2Yjk1MDM5YjkzYjAzOTQzNzkzNDFkYjI3MmZjZWIxN2U0OGQyZTA4NWZlNTE2OGY2NDkyOGEifQ%3D%3D; expires=Mon, 03-Jun-2024 23:26:35 GMT; Max-Age=7200; path=/; samesite=lax\nlaravel_session=eyJpdiI6Ik1MVnMyaGFzRDlmU0c5SzAyWXVsREE9PSIsInZhbHVlIjoiQ0VNUkxhT3YxbTVjOG5FOHlDSFZlK0tXanhzN1RzZzEwNUljcW92TjMzS0d1K0VYSGFoMG9nUi8yREM3aVM1OCIsIm1hYyI6ImE4YmRiYWYyOWJlMmI1ZDkxNjVlMWY4YjEwOGMzMzMxYzgzOTE3OWRkZTRiNGI5OWRhOTM5NGMxNjlkMGVlMjcifQ%3D%3D; expires=Mon, 03-Jun-2024 23:26:35 GMT; Max-Age=7200; path=/; httponly; samesite=lax\nSRVNAME=w1; path=/\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=NB9fIzeyrqX1RM%2F24PPdAB6xw9BPk42YszptGTwVrp2ZDSToOeG2h6XajfSGqkEdidGAe4vv6CsMlEojlc7kUGzev18jlGbX7plIMuCXjfiFErSO14FZqnT6EQNPoWGb\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 88e2c324bfd9abd2-CPH\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6519,"size_decoded":6519,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (6959), with no line terminators","md5":"dd91baaa16fe279dc6a5e7f7c5f3a06f","sha1":"ed07482a166a14ccf7e8b6b99a0e5036e9f08a6c","sha256":"6ec8fb2330c887d85c6ca52de9299853d94f8520e374b6e7c4d4e09cc70ff951","sha512":"026568facf6ed49978c8a300b3a3efcea58c8351c87fafdab8fd6fba2cbe823d14b56a2a48b5378719345e0a16b83782f3cad28dbb992a1f214d675be4ae7544","ssdeep":"96:TbORsKA60stYoYgWrIveFnBfQVamOg4i0bG:OR/ATsyoYrieFnBkamOg4zbG","tlshash":"d6e111af78a4c0745d122f362bb8f23c78dbb2294710d84837ccd86d935da61a715be4","first_seen":"2024-08-19T20:52:29.40364Z","last_seen":"2024-08-19T20:52:29.40364Z","times_seen":1,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":100,"dns":29,"connect":26,"send":0,"wait":339,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"megodait.site","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"svntrk.com/assets/mqmq_665e350b2c6c3.js","fqdn":"svntrk.com","domain":"svntrk.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:35.475Z","timestamp":1717449995475,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svntrk.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Thu, 28 Dec 2023 00:00:00 GMT","end":"Fri, 27 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"83:5F:B1:05:69:64:18:2B:AF:21:B6:08:6A:BF:B6:F1:B5:95:C8:99","sha256":"FF:07:67:7D:85:71:77:27:59:EF:DB:A5:3E:6B:0A:D9:8E:4B:E9:01:D1:FA:BD:35:B4:A0:52:DC:B7:01:17:78"}}},"request":{"raw":"GET /assets/mqmq_665e350b2c6c3.js HTTP/1.1\r\nHost: svntrk.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://megodait.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 03 Jun 2024 21:26:35 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\ncache-control: no-cache, private\r\ncf-cache-status: BYPASS\r\nset-cookie: svnimp=665e350ba09b9; path=/; secure; httponly; samesite=none\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=8LrDF4TqJM0ybtYv1NHgQUAkgvVoGftkrEDqGEPoQUn9SWlmww7v%2Bww%2FPxszFUbAXWKstlDWgi82YIpomSZWh57wtx%2ByY%2BMn4vvggP2GW%2B0Zyw9%2BacF4ow7mjlsM\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e2c3286bf4abda-CPH\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"resource_available":true,"data":null}},"time_used":348,"timings":{"blocked":93,"dns":30,"connect":26,"send":0,"wait":151,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.pornhub.com/video/manage?o=mr\u0026t=pr2","fqdn":"www.pornhub.com","domain":"pornhub.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://megodait.site/?s1=mqmq\u0026i_ema=gpetersen@slurpmail.net\u0026s3=oo","date":"2024-06-03T21:26:36.295Z","timestamp":1717449996295,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pornhub.com","organization":"AYLO Freesites Ltd"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 15 Jan 2024 00:00:00 GMT","end":"Fri, 14 Feb 2025 23:59:59 GMT"},"fingerprint":{"sha1":"D6:BD:14:72:10:1B:49:A3:2B:24:7E:E7:CF:F6:A0:38:5E:5A:3F:DE","sha256":"68:17:25:22:36:45:1F:24:41:1B:49:1E:66:C1:B3:92:04:34:6B:1E:22:E4:AC:57:5A:21:07:78:94:E4:DC:27"}}},"request":{"raw":"GET /video/manage?o=mr\u0026t=pr2 HTTP/1.1\r\nHost: www.pornhub.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://megodait.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Mon, 03 Jun 2024 21:26:36 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: platform=pc; expires=Mon, 10-Jun-2024 21:26:36 GMT; Max-Age=604800; path=/; domain=pornhub.com; secure\nss=856943957245996216; expires=Tue, 03-Jun-2025 21:26:36 GMT; Max-Age=31536000; path=/; domain=pornhub.com; secure\n__s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure\n__l=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=pornhub.com; secure\n__s=665E350C-42FE722901BB2082F3-564C1C0; Secure; Samesite=None\n__l=665E350C-42FE722901BB2082F3-564C1C0; Secure; Samesite=None; Max-Age=31556926\r\nx-frame-options: SAMEORIGIN\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nph-redirect: 1041\r\nlocation: /login\r\nvary: User-Agent\r\nrating: RTA-5042-1996-1400-1577-RTA\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T00:47:03.388486Z","times_seen":13352920,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}