r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 7181eff9c60e83eb0004ece591e47dca
SHA-1 0fd8cd0c9d10b0547938982e57d2c43e2d98679f
SHA-256 89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Fri, 09 Dec 2022 18:55:22 GMT
Date: Fri, 09 Dec 2022 12:56:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 388f6fea5bafa378266622b72311a6ee
SHA-1 447f102dc12172ce1ba44c5e94e1d7bb49d43372
SHA-256 a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11798
Expires: Fri, 09 Dec 2022 16:12:54 GMT
Date: Fri, 09 Dec 2022 12:56:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 4ee537977be9c03702f8ffe0025bf1fe
SHA-1 21637881c4aa34c4add703f8bff4eff573159f45
SHA-256 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11259
Expires: Fri, 09 Dec 2022 16:03:55 GMT
Date: Fri, 09 Dec 2022 12:56:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash MD5 14cd9a0afb6ba9a763651d5112760d1e
SHA-1 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
SHA-256 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 12:07:50 GMT
content-type: application/json
age: 2906
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash MD5 53341dea33f4f3d9b4966f80589f429a
SHA-1 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
SHA-256 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: r/H8IqvRIYeXrVw3H5ZWhB9RA4eDr1pNwKoSTipgdhz9yy3MDNq3Ln+15qQOvWLJ/Ok6KNqtrFs=
x-amz-request-id: STEHBF74DJSXN3ZB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 12:48:20 GMT
age: 476
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:16 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 12:07:55 GMT
age: 2901
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
davi24.com/3ds-max-2022-free-download/
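103.77.162.23 301 Moved Permanently 0 B URL HTTP/1.1 davi24.com/3ds-max-2022-free-download/
IP 103.77.162.23:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input (the response body is 0 B), so they match every empty response and are not usable as file indicators. The verdict on the next line cannot be based on response content; presumably it applies to the URL.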
Analyzer Verdict Alert fortinet Malware
GET /3ds-max-2022-free-download/ HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 12:56:16 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Expires: Fri, 09 Dec 2022 13:56:16 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Location: https://davi24.com/3ds-max-2022-free-download/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 e6be4d2155028ffff5d01ab6e7edf6da
SHA-1 07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
SHA-256 4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3233
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:16 GMT
Last-Modified: Fri, 09 Dec 2022 12:02:23 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
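34.213.140.56 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.140.56:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input (the response body is 0 B), so they match every empty response and are not usable as file indicators.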
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NGVq+rCo3b0eeBSS4yLECw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Xv5/VKrY7+10NcP+goXSSsx3A9g=
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 7b8c1870f03a90aac6370fc69516f95f
SHA-1 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
SHA-256 f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3001
Expires: Fri, 09 Dec 2022 13:46:19 GMT
Date: Fri, 09 Dec 2022 12:56:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 7b8c1870f03a90aac6370fc69516f95f
SHA-1 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
SHA-256 f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3001
Expires: Fri, 09 Dec 2022 13:46:19 GMT
Date: Fri, 09 Dec 2022 12:56:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 7b8c1870f03a90aac6370fc69516f95f
SHA-1 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
SHA-256 f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3001
Expires: Fri, 09 Dec 2022 13:46:19 GMT
Date: Fri, 09 Dec 2022 12:56:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 fba9a3854df65740512f96efe7442e58
SHA-1 8fbff7725c842d70e047c635a725723a9dc9c55a
SHA-256 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 71714
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash MD5 d60e535659f21b4a18a798472779ec1a
SHA-1 5eba8756c2188c8e3c73c621a132123eda6f3778
SHA-256 68628710591427bdc1cccf2808e84bae912533938400a7a756f0b8a57b6d7e86
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169829
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:18 GMT
Etag: "639324d7-117"
Expires: Sun, 11 Dec 2022 12:06:47 GMT
Last-Modified: Fri, 09 Dec 2022 12:06:47 GMT
Server: nginx
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 eb00a2a503a690cee3e4dd729b5bc9bd
SHA-1 cfb1e5bcab2148a777889680e6e36b9d7e8917ec
SHA-256 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kTEbkncBnAJmQE8cdAqvDtejiwaetpRBsVcpLXy1h52lO4iUkzmOGA==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 16:28:48 GMT
age: 73650
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 8c3214044657f3b876d1f1848bca5684
SHA-1 7558222788f06623ddae6e883413e38e1146281e
SHA-256 e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 33272
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 8546542f00ea29ef4df6ab8d3c7c2164
SHA-1 5c8ffe91490006a9890188b53f875568c2b6bd8f
SHA-256 7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 33711
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 06514ce96ae21cb01f526a5febdcbeb4
SHA-1 ebb97e5b97f394e8c67098f55581d5329ce819a2
SHA-256 4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 31650
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 5de5d319f43d9c9c641419d96655541f
SHA-1 cde4c7fa0145d3645af17e34c83c63c08f76a076
SHA-256 fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:07:07 GMT
age: 31751
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash MD5 d60e535659f21b4a18a798472779ec1a
SHA-1 5eba8756c2188c8e3c73c621a132123eda6f3778
SHA-256 68628710591427bdc1cccf2808e84bae912533938400a7a756f0b8a57b6d7e86
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=169829
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:18 GMT
Etag: "639324d7-117"
Expires: Sun, 11 Dec 2022 12:06:47 GMT
Last-Modified: Fri, 09 Dec 2022 12:06:47 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
davi24.com/3ds-max-2022-free-download/
103.77.162.23 200 OK 47 kB URL HTTP/1.1 davi24.com/3ds-max-2022-free-download/
IP 103.77.162.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Hash MD5 7d3a0ccef80af8e89e89741d24a78c1f
SHA-1 954726be4e71d0bb0b41749bc7dd9706f75f63f2
SHA-256 fca1f5f56b73bc509c3d6c079a5e75a5cfcd55180c3878622b3aab7b9a4a5839
Analyzer Verdict Alert fortinet Malware
GET /3ds-max-2022-free-download/ HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:17 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Link: <https://davi24.com/wp-json/>; rel="https://api.w.org/", <https://davi24.com/wp-json/wp/v2/posts/3493>; rel="alternate"; type="application/json", <https://davi24.com/?p=3493>; rel=shortlink
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 a0905812e8498e6c5c0a9b4b584b972f
SHA-1 039b784fd1e0152ec7f49a54ba027f0b2bd1e833
SHA-256 ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 a0905812e8498e6c5c0a9b4b584b972f
SHA-1 039b784fd1e0152ec7f49a54ba027f0b2bd1e833
SHA-256 ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
davi24.com/wp-content/plugins/wp-popups-lite/src/assets/css/wppopups-base.css?ver=2.1.4.5
103.77.162.23 200 OK 8.7 kB URL HTTP/1.1 davi24.com/wp-content/plugins/wp-popups-lite/src/assets/css/wppopups-base.css?ver=2.1.4.5
IP 103.77.162.23:0
Hash a560040312229062493dd4ebb2a5f8dc
1e4279b02ba4444d7ea76fd6a05de45ca3c1e610
1324a06a3a4e142ab8add34477b0309b68ef7b7a699540a7791bbbe929f7c0a9
GET /wp-content/plugins/wp-popups-lite/src/assets/css/wppopups-base.css?ver=2.1.4.5 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 25 Oct 2021 01:09:58 GMT
Accept-Ranges: bytes
Content-Length: 8650
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
103.77.162.23 200 OK 9.4 kB URL HTTP/1.1 davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
IP 103.77.162.23:0
Hash 2b65e71b603a85359278b8c29593514f
418a8812f6d10371738c8be32d4cf8a22865cf15
0715958139a5bdb51640f5b27ab80ea4165095fed3a4ffbe0e1390dceb25c91b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:22:08 GMT
Accept-Ranges: bytes
Content-Length: 9414
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
davi24.com/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/styles.css?ver=5.7.8
103.77.162.23 200 OK 416 B URL HTTP/1.1 davi24.com/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/styles.css?ver=5.7.8
IP 103.77.162.23:0
Hash ef87605f3e119bb43a79486ebaae3979
cf87ed116cb0623729615a652ec444f6d7acb602
715d95401a0252ab3f290b8d318f8f6bfd0bf1163f025767fa065200c5e6f883
GET /wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/styles.css?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 23 Aug 2021 00:21:08 GMT
Accept-Ranges: bytes
Content-Length: 416
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
davi24.com/wp-content/plugins/wp-statistics/assets/css/frontend.css?ver=12.4.2
103.77.162.23 200 OK 102 B URL HTTP/1.1 davi24.com/wp-content/plugins/wp-statistics/assets/css/frontend.css?ver=12.4.2
IP 103.77.162.23:0
File type ASCII text, with CRLF line terminators
Hash d859237df9c6cae9a0bb730f762f544d
fdb0ecccf47646f316a6760dc0cb780259459374
8d3dbed10901eab7ea5726b18b9b4ad41b59993e1c079e9e71f6b8130364d576
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-statistics/assets/css/frontend.css?ver=12.4.2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Thu, 06 Sep 2018 01:26:09 GMT
Accept-Ranges: bytes
Content-Length: 102
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
davi24.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.77.162.23 200 OK 11 kB URL HTTP/1.1 davi24.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.77.162.23:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:22 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
davi24.com/wp-content/themes/donovan/assets/js/svgxuse.min.js?ver=1.2.6
103.77.162.23 200 OK 2.9 kB URL HTTP/1.1 davi24.com/wp-content/themes/donovan/assets/js/svgxuse.min.js?ver=1.2.6
IP 103.77.162.23:0
File type ASCII text, with very long lines (522)
Hash a2b3c4a1205adeb5f57cd1db0acabcba
6f564918cbb2a673ab64564f4c60653c209b03bd
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/donovan/assets/js/svgxuse.min.js?ver=1.2.6 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:21:19 GMT
Accept-Ranges: bytes
Content-Length: 2927
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
davi24.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8
103.77.162.23 200 OK 58 kB URL HTTP/1.1 davi24.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8
IP 103.77.162.23:0
File type Unicode text, UTF-8 text, with very long lines (29677)
Hash b5d1e2c87b60ce71c3fd90ca27073250
b65e3890ef1565f98971b344b4c85866a5f33860
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:57 GMT
Accept-Ranges: bytes
Content-Length: 58171
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
davi24.com/wp-content/themes/donovan/style.css?ver=1.8.2
103.77.162.23 200 OK 72 kB URL HTTP/1.1 davi24.com/wp-content/themes/donovan/style.css?ver=1.8.2
IP 103.77.162.23:0
File type ASCII text, with very long lines (382)
Hash 4b5cb3bd06612a5c93996fe727ab6ce0
03bd5d290e49a6426be4cffb05a511dcf3996c4b
88794cdb73d7ecf2803e22c4978722d88dbce97ebc153002282acb1fac8f999d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/donovan/style.css?ver=1.8.2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 10:28:05 GMT
Accept-Ranges: bytes
Content-Length: 71673
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
davi24.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8
103.77.162.23 200 OK 14 kB URL HTTP/1.1 davi24.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8
IP 103.77.162.23:0
File type ASCII text, with very long lines (11272)
Hash eaa8641bcda2371f4024a71fbb67de3b
0e46c39d3821683c856605a82254115f9a6a7792
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:22 GMT
Accept-Ranges: bytes
Content-Length: 14229
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
davi24.com/wp-content/plugins/related-post/assets/front/css/owl.carousel.min.css?ver=5.7.8
103.77.162.23 200 OK 3.0 kB URL HTTP/1.1 davi24.com/wp-content/plugins/related-post/assets/front/css/owl.carousel.min.css?ver=5.7.8
IP 103.77.162.23:0
File type ASCII text, with very long lines (2854)
Hash e0422f812aba45254cf47f9a3c96504c
e009863352e7e464712dd23e6160d2318333a1da
ca6300d7f9068654315e7d2af431731d1b77548635121ec125c11f33723cf1ae
GET /wp-content/plugins/related-post/assets/front/css/owl.carousel.min.css?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 23 Aug 2021 00:24:07 GMT
Accept-Ranges: bytes
Content-Length: 3011
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
davi24.com/wp-content/plugins/related-post/assets/front/css/related-post.css?ver=5.7.8
103.77.162.23 200 OK 1.4 kB URL HTTP/1.1 davi24.com/wp-content/plugins/related-post/assets/front/css/related-post.css?ver=5.7.8
IP 103.77.162.23:0
File type ASCII text, with CRLF line terminators
Hash 448dadb0e8e65cbc8c63325299574bf1
613bf0643658e7a237eb4c0766a38214c163da56
33c81623ca55244432d30e3dc52a98f44f26e379062b5f8385b52218d9703c54
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/related-post/assets/front/css/related-post.css?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 23 Aug 2021 00:24:07 GMT
Accept-Ranges: bytes
Content-Length: 1433
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
davi24.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
103.77.162.23 200 OK 90 kB URL HTTP/1.1 davi24.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP 103.77.162.23:0
File type ASCII text, with very long lines (65451)
Hash b6f7093369a0e8b83703914ce731b13c
d1889f5c173c2a4b20288f1f84758599afd346ef
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:18 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:22 GMT
Accept-Ranges: bytes
Content-Length: 89496
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
davi24.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
103.77.162.23 200 OK 99 kB URL HTTP/1.1 davi24.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP 103.77.162.23:0
File type Unicode text, UTF-8 text, with very long lines (34729), with NEL line terminators
Hash 5090bae2c114802440412e301bdf5174
3850afd52816ee686eccd881df06764b426cd86a
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:53 GMT
Accept-Ranges: bytes
Content-Length: 99310
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
davi24.com/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72
103.77.162.23 200 OK 7.0 kB URL HTTP/1.1 davi24.com/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72
IP 103.77.162.23:0
File type ASCII text, with very long lines (6944)
Hash fff58f50d2d6243f7705185a16cba7ea
144566a0887f77bf9126bd1bb46ccad9f29a5971
fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Thu, 09 Sep 2021 19:44:35 GMT
Accept-Ranges: bytes
Content-Length: 6979
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
davi24.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.9
103.77.162.23 200 OK 14 kB URL HTTP/1.1 davi24.com/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.9
IP 103.77.162.23:0
Hash 9ce2ef9c51d872136c9bd85bd5428ea8
4b4f270db4ec228296f5127f22df9a0b502cec84
37b945e5fe609563e83b37edcbfe3d18aac072a55fc8962978afdf597a3c4aa8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.9 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Thu, 01 Jul 2021 11:32:36 GMT
Accept-Ranges: bytes
Content-Length: 13797
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
davi24.com/wp-content/themes/donovan/assets/js/navigation.min.js?ver=20200822
103.77.162.23 200 OK 2.0 kB URL HTTP/1.1 davi24.com/wp-content/themes/donovan/assets/js/navigation.min.js?ver=20200822
IP 103.77.162.23:0
File type ASCII text, with very long lines (2032), with no line terminators
Hash 53f6d774e6f6ffdb29fbd56d7c15366d
035408bba4f7f4e39d205eb11204a87c622663f7
73318d6aba5551abd695904a7e686a17ae42ee85d6911fd437bb06a3bb2b63c9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/donovan/assets/js/navigation.min.js?ver=20200822 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:21:19 GMT
Accept-Ranges: bytes
Content-Length: 2032
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
davi24.com/wp-includes/js/wp-embed.min.js?ver=5.7.8
103.77.162.23 200 OK 1.4 kB URL HTTP/1.1 davi24.com/wp-includes/js/wp-embed.min.js?ver=5.7.8
IP 103.77.162.23:0
File type ASCII text, with very long lines (1391)
Hash 905225d5711b559d3092387d5ffbedbd
6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
GET /wp-includes/js/wp-embed.min.js?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 08:14:22 GMT
Accept-Ranges: bytes
Content-Length: 1426
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
davi24.com/wp-content/plugins/wp-popups-lite/src/assets/js/wppopups.js?ver=2.1.4.5
103.77.162.23 200 OK 48 kB URL HTTP/1.1 davi24.com/wp-content/plugins/wp-popups-lite/src/assets/js/wppopups.js?ver=2.1.4.5
IP 103.77.162.23:0
Hash d96ec9b36839d11ffb322518cc376138
706d19ddb93e5c9c819df90281a1fd1a730f5538
eab007b887d70722ac2232014f1085551e3d262da75db00a05952d529872bfa8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-popups-lite/src/assets/js/wppopups.js?ver=2.1.4.5 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 25 Oct 2021 01:09:58 GMT
Accept-Ranges: bytes
Content-Length: 47635
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
davi24.com/wp-content/plugins/related-post//assets/front/js/owl.carousel.min.js?ver=5.7.8
103.77.162.23 200 OK 85 kB URL HTTP/1.1 davi24.com/wp-content/plugins/related-post//assets/front/js/owl.carousel.min.js?ver=5.7.8
IP 103.77.162.23:0
File type ASCII text, with very long lines (359)
Hash c580af66c6b04b963d4b76a90569d6b5
b7b7280d64bf9402e3b101cc07f5b38abd146205
0a1aebdca3b69662a8cb029eb3909c5d8d5d20022b2be9c5497e6d2e12539b1f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/related-post//assets/front/js/owl.carousel.min.js?ver=5.7.8 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Mon, 23 Aug 2021 00:24:07 GMT
Accept-Ranges: bytes
Content-Length: 85100
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
davi24.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.9
103.77.162.23 200 OK 129 kB URL HTTP/1.1 davi24.com/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.9
IP 103.77.162.23:0
Size 129 kB (128983 bytes)
Hash f3bd90ed9190418715605b8aaa05debd
5ef128434040cdc17b99048da8c56287894ed542
e2fb63ea3b3d832a17e88ce1bdc0ec080117e17f1c9331697c822015e501cb13
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-language-translator/css/style.css?ver=6.0.9 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:19 GMT
Server: Apache
Last-Modified: Thu, 01 Jul 2021 11:32:36 GMT
Accept-Ranges: bytes
Content-Length: 128983
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 6fba40dfdcde443855844f6241ca6d85
4ad19aa8f3a191688fbf7038760f757ddaebf11b
09b6375f2b0780ffb3c0bc96a5ab4a7332a43b23717779bd05523ee978ce5d4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4161
Cache-Control: max-age=108831
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:20 GMT
Etag: "63922652-116"
Expires: Sat, 10 Dec 2022 19:10:11 GMT
Last-Modified: Thu, 08 Dec 2022 18:00:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
inklinkor.com/tag.min.js
104.21.91.63 200 OK 25 kB IP 104.21.91.63:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3cbfc73c52332403255e85307ac7439d
f87cd3a6a6455a38151c7fb2c406ebb100cf3ba8
84332aa8bdd210ffc39d2c47f56417c3f2bdcd8ee4890674d7c905fc951088cf
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 12:56:20 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: c97ad7132cf395f2d37f0bf2bab4d060
cache-control: max-age=86400
last-modified: Fri, 09 Dec 2022 06:46:36 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 10 Dec 2022 11:49:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4003
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDuCEJRFE5OFC8b%2FH7vm%2FPqelCOJPhoAgviNPtYfRJH1aV9APz1ld8n8Y8XxmlKpPhvHVZMia%2BOV8eSQ%2F6HdfrbcmZS%2FKcyXeH2p72h5QLeRxXxooJoYNFyIvLpyHGdv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776de6796f23b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
216.58.207.202 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 216.58.207.202:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 12:00:32 GMT
expires: Fri, 09 Dec 2022 13:00:32 GMT
cache-control: public, max-age=3600
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
age: 3348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
davi24.com/wp-content/themes/donovan/assets/icons/genericons-neue.svg
103.77.162.23 200 OK 28 kB URL HTTP/1.1 davi24.com/wp-content/themes/donovan/assets/icons/genericons-neue.svg
IP 103.77.162.23:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (861)
Hash 4080d1f5f976c56fb30f2150d520c49e
081eebd1ca84882c6e51e4c7c57c8bd1c89f7c42
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/donovan/assets/icons/genericons-neue.svg HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:20 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:21:19 GMT
Accept-Ranges: bytes
Content-Length: 28006
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d3c2666db3c15225923dddb92dacf735
64e9db12b4b93a22a1f1246f2f53c605aecd2a5b
e951f784500dc601aa5687424d9ed761d651deedd0e05f5bf1c89127988dbdfd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E951F784500DC601AA5687424D9ED761D651DEEDD0E05F5BF1C89127988DBDFD"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15802
Expires: Fri, 09 Dec 2022 17:19:42 GMT
Date: Fri, 09 Dec 2022 12:56:20 GMT
Connection: keep-alive
davi24.com/wp-content/fonts/quicksand/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
103.77.162.23 200 OK 14 kB URL HTTP/1.1 davi24.com/wp-content/fonts/quicksand/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
IP 103.77.162.23:0
File type Web Open Font Format (Version 2), TrueType, length 13788, version 1.0\012- data
Hash 37cb9c1de0984928fe29407fc13edd13
9241b34301953bfe0bf9b5ccac42d9dbc27e78b7
6be37f36989880a124a0df21a0b4931bfd75d67bd9d844418ecbb79a47514507
Analyzer Verdict Alert fortinet Malware
GET /wp-content/fonts/quicksand/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:20 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:21:33 GMT
Accept-Ranges: bytes
Content-Length: 13788
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2
davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
103.77.162.23 200 OK 21 kB URL HTTP/1.1 davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
IP 103.77.162.23:0
File type Web Open Font Format (Version 2), TrueType, length 21028, version 1.0\012- data
Hash 131f660715196288a68bd84296ada895
b7509bd4352f0b015c8b7d7f27157ffbab0cc3a1
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
Analyzer Verdict Alert fortinet Malware
GET /wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:20 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:22:01 GMT
Accept-Ranges: bytes
Content-Length: 21028
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrEHJA.woff2
103.77.162.23 200 OK 15 kB URL HTTP/1.1 davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrEHJA.woff2
IP 103.77.162.23:0
File type Web Open Font Format (Version 2), TrueType, length 15004, version 1.0\012- data
Hash 47dfd7aed0af42f7acbadac1aeca6843
3ce05577fadfc5be08851eb482083c9b9f53c008
455b818fc3f0e627ec1837e801bff6ac1443638d486fee01f1354b0d5e30faf5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCGPrEHJA.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:20 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:22:01 GMT
Accept-Ranges: bytes
Content-Length: 15004
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
103.77.162.23 200 OK 21 kB URL HTTP/1.1 davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
IP 103.77.162.23:0
File type Web Open Font Format (Version 2), TrueType, length 21352, version 1.0\012- data
Hash 01a273e07cf0950b760ee6cd9540a72f
270bb462018cc354ee6ff44d8e1b8b8fcb0e8641
0d3b3a3f34ffd3526eea2f77aebe34caa8e86c59002dfd89aa834b0986feeaa2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:20 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:22:08 GMT
Accept-Ranges: bytes
Content-Length: 21352
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5befea1ff179e1346422afeace6ac43d
313a8a8c24dd6a29b69d6fa15a29826250995e29
f61f64c91aed0910ea20c1b3cf030f219d080a3bb2087a1fe2b80a403074edb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F61F64C91AED0910EA20C1B3CF030F219D080A3BB2087A1FE2B80A403074EDB9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4956
Expires: Fri, 09 Dec 2022 14:18:57 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c5e1f14021541984fb7c7ba4f76c5ef9
3334cf1d6297d8fb36a4af2ebf9b993b94897658
aa935a586a8f1e18c93bf12958884d1ee590bedf8531b0f81a90ee09bf66896a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA935A586A8F1E18C93BF12958884D1EE590BEDF8531B0F81A90EE09BF66896A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1959
Expires: Fri, 09 Dec 2022 13:29:00 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 27f907a256adb2c2f78f02a5f9b10c99
3411bd289f7e48859cde22993e8bd795ac9b19b2
907bff5886c7b9a138f540090f7e0010621667c24aa02c3fd075f083d0a3b683
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "907BFF5886C7B9A138F540090F7E0010621667C24AA02C3FD075F083D0A3B683"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1924
Expires: Fri, 09 Dec 2022 13:28:25 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=ff7a3498e00b46f2bc04040a4bbce394
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=ff7a3498e00b46f2bc04040a4bbce394
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 82680a28d5c61fdec4c6f7a71cb412ec
43406dcb908f6246cc72a3646ad501ade52ccc88
53828294d6997a727469a83dadf213cccf41a040f3d769a5b279bda18ee28e4e
GET /gid.js?userId=ff7a3498e00b46f2bc04040a4bbce394 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://davi24.com
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://davi24.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ff7a3498e00b46f2bc04040a4bbce394; expires=Sat, 09 Dec 2023 12:56:21 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrEHJA.woff2
103.77.162.23 200 OK 6.4 kB URL HTTP/1.1 davi24.com/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrEHJA.woff2
IP 103.77.162.23:0
File type Web Open Font Format (Version 2), TrueType, length 6376, version 1.0\012- data
Hash 60c3e2494a29e8072e29f85b789d11c0
883738ce03bb1299c071b79261c77ef209f2a5d1
a2f00e25fcc747bc0e35ccfc4c055e5fadfc7bfaa59d0766e1b387c3540d58b0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCHPrEHJA.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:21 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:22:01 GMT
Accept-Ranges: bytes
Content-Length: 6376
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
tzegilo.com/stattag.js
104.21.84.149 200 OK 5.7 kB IP 104.21.84.149:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash a8d268e4a9655b858206748e741560c8
a2682e8eb03d393397264eb19b01d9b6a32c448b
ec883a9b7fdf46d784e15a615e193fac91569e4843cfa36ff392065e868ac0e2
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1678
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vQNrrsuAs3QQ41Dt79OMvrut%2FimF3IsVGLMrxiDwHkYFqHgTUDiiE6Anhtjpqunecvu2ox94AH1b5%2FRht9H8dZl8XqP0GK0TulDSF3sGELb4WIhGa2%2FUv4bkY6JOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776de67b4cc5b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash f93fe0c44e63867b7f8553c1ca73460e
e664d98cd9803e5f179af596d8a2f50d79fc92b0
dbb9ed743e3bf5d61dd66e676c81d5e2a43c8287d61ef34d90b6c7790ca6106e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:33:16 GMT
Expires: Tue, 13 Dec 2022 01:33:15 GMT
Etag: "e664d98cd9803e5f179af596d8a2f50d79fc92b0"
Cache-Control: max-age=304013,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776de67c7ab1b4e8-OSL
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 45be028bb2118e21286d1256970bc0df
a4eeba1ad375008ef21bc53e25e307d5ba68f331
3ff76cbd3481f2b6fa457b7c243e11a059a2850e49c59ab89d69fb4dee3c52a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FF76CBD3481F2B6FA457B7C243E11A059A2850E49C59AB89D69FB4DEE3C52A3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6068
Expires: Fri, 09 Dec 2022 14:37:29 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253 200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 908
Origin: https://davi24.com
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 09 Dec 2022 12:56:21 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://davi24.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ibrapush.com/zone?pub=0&zone_id=4606747&is_mobile=false&domain=davi24.com&var=&ymid=&var_3=
139.45.197.250 200 OK 664 B URL HTTP/2 ibrapush.com/zone?pub=0&zone_id=4606747&is_mobile=false&domain=davi24.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 8e562e438628ab3dc67cd8a22b636846
47c35207ae2e1a2b629a4ab0bb935c9341c377ee
8eff38f8d9c52ef08d58ee4fae74da0aebf28bc71b48396c8a9a03d778f067db
GET /zone?pub=0&zone_id=4606747&is_mobile=false&domain=davi24.com&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Origin: https://davi24.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: 860cb3bb5a26221c18b2d0b5625f045b
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
davi24.com/wp-content/fonts/raleway/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2
103.77.162.23 200 OK 21 kB URL HTTP/1.1 davi24.com/wp-content/fonts/raleway/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2
IP 103.77.162.23:0
File type Web Open Font Format (Version 2), TrueType, length 21448, version 1.0\012- data
Hash 876b6921f86fad633876677718ee1b2a
96d24469bb923bacbffeb89ba38957464ebe8d35
9448e5e35e9cfba49612fab330c7ef1384a4708be5205b028486288ae260b85f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/fonts/raleway/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2 HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://davi24.com/wp-content/fonts/904b9a3a0d79473f201bd766ac26b59d.css?ver=20201110
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:21 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 09:21:42 GMT
Accept-Ranges: bytes
Content-Length: 21448
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
nanouwho.com/9?z=4606746&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=ff7a3498e00b46f2bc04040a4bbce394
139.45.197.242 204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=4606746&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=ff7a3498e00b46f2bc04040a4bbce394
IP 139.45.197.242:0
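Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body of this 204 response; they identify no file and are not usable as file indicators.)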
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=4606746&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=ff7a3498e00b46f2bc04040a4bbce394 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://davi24.com/
Origin: https://davi24.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://davi24.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/27/11a99959c11b6755664b3df2c6eb7de1
139.45.197.242 200 OK 126 kB URL HTTP/2 nanouwho.com/27/11a99959c11b6755664b3df2c6eb7de1
IP 139.45.197.242:0
File type ASCII text, with very long lines (65523)
Size 126 kB (125975 bytes)
Hash 402c6c65b4148049cbe2151e6cb48a19
727a5eff371583ccf8ed44152ef6770899d0ac48
a8609daaba1c4e644f04bc06f3b9a510ff0a5975d84834552a5e07c10e08427d
Analyzer Verdict Alert quad9 Sinkholed
GET /27/11a99959c11b6755664b3df2c6eb7de1 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Cookie: scm=1; OAID=9874d634698a4f35b6aa07462819e2d5; oaidts=1670590581
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Wed, 07 Dec 2022 09:08:16 GMT
expires: Wed, 06 Jan 2083 09:08:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
bedrapiona.com/5/4606748/?oo=1&js_build=iclick-v1.459.0
139.45.197.234 200 OK 1.4 kB URL HTTP/2 bedrapiona.com/5/4606748/?oo=1&js_build=iclick-v1.459.0
IP 139.45.197.234:0
File type JSON data\012- , ASCII text, with very long lines (2943), with no line terminators
Hash 2a2190f2fc77bc8a65b98a240ebba5b4
a2ed30622ad5b43906817b64041e957e9ebfeeee
db5dfd7673d0dc6fe14de655afc2b244516f2da100104014a45aa85641db1f0b
GET /5/4606748/?oo=1&js_build=iclick-v1.459.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://davi24.com
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:20 GMT
content-type: application/json
x-trace-id: 067c7562b5f557468c781a5f6c0dc894
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=ff7a3498e00b46f2bc04040a4bbce394; expires=Sat, 09 Dec 2023 12:56:20 GMT; path=/; secure; SameSite=None
oaidts=1670590580; expires=Sat, 09 Dec 2023 12:56:20 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
davi24.com/wp-content/uploads/2022/09/cropped-DAVI24ICON1-192x192.png
103.77.162.23 200 OK 14 kB URL HTTP/1.1 davi24.com/wp-content/uploads/2022/09/cropped-DAVI24ICON1-192x192.png
IP 103.77.162.23:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash dd8dbc75cbbc2f953232968eadb2806c
e3c94a36d47006415601169b285c450ab1695ecd
6040f5362877011251c02e4d4431485df4c93140cbd74a19461caf076e814454
GET /wp-content/uploads/2022/09/cropped-DAVI24ICON1-192x192.png HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Cookie: prefetchAd_4606748=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:21 GMT
Server: Apache
Last-Modified: Sun, 11 Sep 2022 11:43:09 GMT
Accept-Ranges: bytes
Content-Length: 14438
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
davi24.com/wp-content/uploads/2022/09/cropped-DAVI24ICON1-32x32.png
103.77.162.23 200 OK 1.3 kB URL HTTP/1.1 davi24.com/wp-content/uploads/2022/09/cropped-DAVI24ICON1-32x32.png
IP 103.77.162.23:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ff7db648ea97866f6c66db8b20433a8
8b5c88cd41c745a1f579fa67f9ceabd844767323
026ca12ec1c42d9ba44a85424ff270de3b653f3f8fcc8669165ec2ee875b1ee5
GET /wp-content/uploads/2022/09/cropped-DAVI24ICON1-32x32.png HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/3ds-max-2022-free-download/
Cookie: prefetchAd_4606748=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:56:21 GMT
Server: Apache
Last-Modified: Sun, 11 Sep 2022 11:43:09 GMT
Accept-Ranges: bytes
Content-Length: 1330
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
ibrapush.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Content-Type: application/json
Origin: https://davi24.com
Content-Length: 384
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 08f6fdbad9723cd2bfce7a9cae2b8cc1
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 09c3c1f68b4c0af769d418791b89b945
276148179360441d25d3ceea419021a31d23cd38
789b12b51dbb5d5a945e9a4f927ce33e4b3bb852320bb7bb8f904b83cc414c85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "789B12B51DBB5D5A945E9A4F927CE33E4B3BB852320BB7BB8F904B83CC414C85"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2127
Expires: Fri, 09 Dec 2022 13:31:48 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive
ibrapush.com/pfe/current/tag.min.js?z=4606747
139.45.197.250 200 OK 6.0 kB URL HTTP/2 ibrapush.com/pfe/current/tag.min.js?z=4606747
IP 139.45.197.250:0
File type C source, ASCII text, with very long lines (14602), with no line terminators
Hash d657bf53422fb936c772380d4f10b0a0
12c9bae16b02c957f06b1b0ec8dccef18e51e353
c0285a69f50de67dd9ac0067e87e0c2dd154a36681c02620dbd0892793adb177
GET /pfe/current/tag.min.js?z=4606747 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg
139.45.197.153 200 OK 9.3 kB URL HTTP/2 interstitial-07.com/contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 45adfc5dac387ae41ca4a0c1b6a9ac37
d972ecfcf25c8d8c697beac01a3fa85635e564f5
a653f78b2f5c5f1dd923fb9291bb67832dad4014266ef34b6bff707a381b1bda
GET /contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: image/jpeg
content-length: 9271
last-modified: Thu, 20 Oct 2022 03:21:06 GMT
vary: Accept-Encoding
etag: "6350bea2-2437"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg
139.45.197.153 200 OK 30 kB URL HTTP/2 interstitial-07.com/contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 3213a8e6ac43e59294f402bbbe324953
3e66ba9e6978ca9fef50e07274bd9899e3fed9c3
f880d432fbedbe3a15e8fed32985860e84e8ec4425ad6ff3e6cae446be0a6714
GET /contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: image/jpeg
content-length: 29997
last-modified: Thu, 20 Oct 2022 03:21:02 GMT
vary: Accept-Encoding
etag: "6350be9e-752d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 814fe52c4aeed574082cd7e710264365
f5b51f3a7a6f8dd635975ec4a4065155b96b5e8b
110ab90d6cd1b47566ff3524136449ef590f42dcd838fb5d3802b67c846a84f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "110AB90D6CD1B47566FF3524136449EF590F42DCD838FB5D3802B67C846A84F9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2406
Expires: Fri, 09 Dec 2022 13:36:27 GMT
Date: Fri, 09 Dec 2022 12:56:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 4fbea77a0d1d179d738cb7851746552e
8808e4b54c414ca5a58c5b859ff335d61b472a8c
414fa4b36451eb121315b4a80993f6632206eb5ea7fe8c65ddf65acfdf18ae15
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2311
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:21 GMT
Last-Modified: Fri, 09 Dec 2022 12:17:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
betotodilea.com/500/4606745?excludes=&oaid=ff7a3498e00b46f2bc04040a4bbce394&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 10 kB URL HTTP/2 betotodilea.com/500/4606745?excludes=&oaid=ff7a3498e00b46f2bc04040a4bbce394&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 4439dca056191655ad51b4625133ec26
c65228f561ddad85ed74106646a8808375e5bc9a
d34511fbb4a65de9957284970d29ff3f971fb0ccb3e9ff713e46aa694a941551
GET /500/4606745?excludes=&oaid=ff7a3498e00b46f2bc04040a4bbce394&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://davi24.com
Connection: keep-alive
Referer: https://davi24.com/
Cookie: OAID=cd92cfd9d1224fae9a30d78ea3b37659
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
x-trace-id: 682a510b489f8cfb70e53250379ac5f6
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://davi24.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=ff7a3498e00b46f2bc04040a4bbce394; expires=Sat, 09 Dec 2023 12:56:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.153200 OK 4.7 kB URL HTTP/2 interstitial-07.com/?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1463)
Hash 0f643313eb5fbbf11a154e7ee168c626
316541faa419edb6b91f45d839af2d784f4aea6f
6fcac4124704e6d64fbdf495e0d9cb4ee9203ed909515b16e729a1ffe89a6590
GET /?l=a4VyXDG0eyp5w7A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2783989656%26z%3D4606746%26b%3D16043341%26c%3D6407127%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DYLR_2yMoDx8oEZOi03EUwiBrd-SKnsyshIFzc3oA3_P4ngG4lpy_LeEc0md-JKN0slS-y3v9E1dnlPJQKqFEltKRRlAyQIawhvNpI2JJgkcovA10nZSk9twqgp5tEuxoE1cVGdSS9EpYjD3M42T1PPdR8GI01w1lG5E88E_B-wN43FQMBvxKiJIsPJ4qEv_kYhpzJgxDHMidw9cyCbcI9UY-TIWBs2HbyeuVLUogPvFntikQfaTxf4j_rDd7giP5iMwFhXhc21cHqPrACLF0QUAOeC32UOcug3T-Wy7cnIwL8H9G5NevtNTBz0orPj9kqJt9SGo86wO09-4wwtE_u6olT8I6Cpe_q2SBl5iEoOnHCk_T3A6b4sAvS61buOPvqmv0o-11-VOexh0EbDV4SKKEQ02SAygKIrXVucrKgh1Z-YFCAMfCwLNWLIYhcA-plgLNVDg9oN9MpWVJwMZNTpZV8mdUrntLtvbTrdxgjZFWIil9Ef2liCV1USvy8wNoFTKeOG6VzZrlY_giXP7wrDrKbOZg8-Y5HF8xmbWUeyx70jfhRamVkymiLAcRB0zGwv274kW71A5RP1bm9pEYsN2P1fyR53lkRpZCrPOXZ7zj7vFofGDjYSZjLLCZK-KmdHj0ucrlCfQuvuX9EOMiNl8xpJk%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3D4c6ebcc7-61e3-4db1-8612-ccb8bd6f6056%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fdavi24.com%252F3ds-max-2022-free-download%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=8QrBMyPcjucjyUdlpAdHPqCLfKo1Y93N1rKkuVrHZ0g; expires=Fri, 09-Dec-2022 13:56:21 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 29069485f70cb5f99c18aee0b32ece34
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.99 200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.99:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 10:31:30 GMT
expires: Sat, 09 Dec 2023 10:31:30 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 8692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.99 200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.99:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 12:36:33 GMT
expires: Sat, 09 Dec 2023 12:36:33 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ibrapush.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Content-Type: application/json
Origin: https://davi24.com
Content-Length: 754
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:22 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1f1e832eadb4806bf5734b98d0817f41
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
davi24.com/sw.js
103.77.162.23 404 Not Found 56 kB IP 103.77.162.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Hash 4c6edb7bb95cc86ae3e0a23e0cbc40d7
02be2988d5c52634bab96cd5c0c84df9ee0d2469
325ce7fc78a956bf4296341b806711b22bac3b4184b692e4ce16dc5d2901d83a
Analyzer Verdict Alert fortinet Malware
GET /sw.js HTTP/1.1
Host: davi24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/3ds-max-2022-free-download/
Connection: keep-alive
Cookie: prefetchAd_4606748=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 12:56:21 GMT
Server: Apache
X-Powered-By: PHP/7.0.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://davi24.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: 4e42c335-cc27-41bc-8d5c-cbe3dcc1f623
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRBF_gIAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-254d38575d76726a4462c66f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z2JMjvOva19O3uj7la6UmjCpwleEyo3y2IfRCp4qp5iuob0AYN9Mng==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:32:24 GMT
age: 1440
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Content-Type: application/json
Origin: https://davi24.com
Content-Length: 392
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:25 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 117ecfdda8f21854a9f9961372968b6a
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nanouwho.com/1?z=4606746
139.45.197.242 200 OK 0 B IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=4606746 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f9fd20bb24d857e09f31a43f4d1ea114
access-control-expose-headers: X-Sc
x-sc: bcR0WzVNx9Ujl6QqOViUjzIjHTndvz89lXf5cdGJoDiAh0SDGbLrjFYacDSsH03n_8s-enovXlZWUcfwpCxn3MNdkPY=
set-cookie: scm=1; expires=Sat, 09 Dec 2023 12:56:21 GMT; secure; SameSite=None
OAID=9874d634698a4f35b6aa07462819e2d5; expires=Sat, 09 Dec 2023 12:56:21 GMT; secure; SameSite=None
oaidts=1670590581; expires=Sat, 09 Dec 2023 12:56:21 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/400/4606745
139.45.197.237 200 OK 0 B URL HTTP/2 betotodilea.com/400/4606745
IP 139.45.197.237:0
GET /400/4606745 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
x-trace-id: 5d36a35d4264552f9945eff051b10b6a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=cd92cfd9d1224fae9a30d78ea3b37659; expires=Sat, 09 Dec 2023 12:56:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/universal.min.js?v=3.1.409
139.45.197.250 200 OK 0 B URL HTTP/2 ibrapush.com/pfe/current/universal.min.js?v=3.1.409
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.409 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Origin: https://davi24.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-18c6c"
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
www.adz2you.net/serve/ads.js
172.67.148.181 200 OK 0 B URL HTTP/2 www.adz2you.net/serve/ads.js
IP 172.67.148.181:0
GET /serve/ads.js HTTP/1.1
Host: www.adz2you.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 12:56:18 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1263
etag: W/"5d4508b2-4ef"
last-modified: Sat, 03 Aug 2019 04:08:18 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0mlA1uIh4OKsjNVmWDzNq5eQNPTVj%2B%2FxKqWGWwMJxHDwZOyw%2BO4x4lVDZeK2CO38wGA4J66JyTPtQkwYZfXedVvI8%2FcAIO2J6%2FIggqwgklfM8vSobEAhnUSWRE%2F8cUgs%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776de6695f86b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=AxAZ4NusEj93h34U0_gJM901pXQJyUTpI243C4fS2CJK7BFtdm1JCaCYBXjJ_X6qKvQj6HnDRUCkSNIM_fgDLZJ-mGgR1vMZpfSA9hW7Q_yIMCapRrRrhG3b1w4C9a7MTznLlvjgVAGOpVNWj1e153ULM3ZABz5kmhg8l4gvAzXxHSFvm7VPtREMR1Kih0Y2VnX5HCfO0IyrQxfw_WrmWMJq5IQFVgr2FRuKOJIV6y0%3D&request_ab2=96003&zoneid=4606748&js_build=iclick-v1.459.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.459.0&bs=b13e7f89-4ce9-4385-8755-f9724908d125&userId=ff7a3498e00b46f2bc04040a4bbce394&m=link
139.45.197.243200 OK 0 B URL HTTP/2 onmarshtompor.com/?rb=AxAZ4NusEj93h34U0_gJM901pXQJyUTpI243C4fS2CJK7BFtdm1JCaCYBXjJ_X6qKvQj6HnDRUCkSNIM_fgDLZJ-mGgR1vMZpfSA9hW7Q_yIMCapRrRrhG3b1w4C9a7MTznLlvjgVAGOpVNWj1e153ULM3ZABz5kmhg8l4gvAzXxHSFvm7VPtREMR1Kih0Y2VnX5HCfO0IyrQxfw_WrmWMJq5IQFVgr2FRuKOJIV6y0%3D&request_ab2=96003&zoneid=4606748&js_build=iclick-v1.459.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.459.0&bs=b13e7f89-4ce9-4385-8755-f9724908d125&userId=ff7a3498e00b46f2bc04040a4bbce394&m=link
IP 139.45.197.243:0
GET /?rb=AxAZ4NusEj93h34U0_gJM901pXQJyUTpI243C4fS2CJK7BFtdm1JCaCYBXjJ_X6qKvQj6HnDRUCkSNIM_fgDLZJ-mGgR1vMZpfSA9hW7Q_yIMCapRrRrhG3b1w4C9a7MTznLlvjgVAGOpVNWj1e153ULM3ZABz5kmhg8l4gvAzXxHSFvm7VPtREMR1Kih0Y2VnX5HCfO0IyrQxfw_WrmWMJq5IQFVgr2FRuKOJIV6y0%3D&request_ab2=96003&zoneid=4606748&js_build=iclick-v1.459.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fdavi24.com%2F3ds-max-2022-free-download%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.459.0&bs=b13e7f89-4ce9-4385-8755-f9724908d125&userId=ff7a3498e00b46f2bc04040a4bbce394&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://davi24.com/
Origin: https://davi24.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:56:21 GMT
content-type: application/json
x-trace-id: 592c33556246b28bb0534562a4a92199
access-control-allow-origin: https://davi24.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ff7a3498e00b46f2bc04040a4bbce394; expires=Sat, 09 Dec 2023 12:56:21 GMT; path=/; secure; SameSite=None
oaidts=1670590581; expires=Sat, 09 Dec 2023 12:56:21 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 16 Dec 2022 12:56:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
142.250.74.174 200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
IP 142.250.74.174:0
GET /translate_a/element.js?cb=GoogleLanguageTranslatorInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://davi24.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 12:56:18 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+213; expires=Sun, 08-Dec-2024 12:56:18 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2