Overview

URL megadb.net/sfqgk8axu8cb
IP172.67.216.36
ASNCLOUDFLARENET
Location United States
Report completed2022-10-02 19:19:30 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-02 2 fleraprt.com Sinkholed
2022-10-02 2 goomaphy.com Sinkholed
2022-10-02 2 goomaphy.com Sinkholed


Files

No files detected



Passive DNS (24)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-02 17:15:51 UTC 142.250.74.164
mnemonic passive DNS cdn.uponelectabuzzor.club (4) 0 2022-03-10 06:30:29 UTC 2022-10-02 16:19:03 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-10-02 15:34:27 UTC 172.64.155.188
mnemonic passive DNS my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-10-02 11:43:59 UTC 139.45.195.8
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-10-02 17:54:50 UTC 142.250.74.104
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-10-02 13:12:44 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-02 04:45:21 UTC 34.117.237.239
mnemonic passive DNS e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-10-02 11:34:26 UTC 23.36.77.32
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-02 10:20:02 UTC 35.82.48.240
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-02 11:24:29 UTC 34.120.237.76
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-10-02 05:01:45 UTC 142.250.74.3
mnemonic passive DNS fleraprt.com (1) 0 2022-01-14 22:55:14 UTC 2022-10-02 13:33:52 UTC 139.45.195.254 Unknown ranking
mnemonic passive DNS betotodilea.com (6) 52465 2021-08-17 07:55:50 UTC 2022-10-02 16:11:04 UTC 139.45.197.237
mnemonic passive DNS goomaphy.com (2) 0 2022-07-22 19:39:03 UTC 2022-10-02 16:32:33 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS megadb.net (3) 0 2021-12-04 22:36:02 UTC 2022-10-02 09:53:50 UTC 104.21.67.68 Unknown ranking
mnemonic passive DNS maxcdn.bootstrapcdn.com (2) 724 2014-06-18 00:37:31 UTC 2022-10-02 12:37:04 UTC 104.18.11.207
mnemonic passive DNS use.fontawesome.com (2) 942 2017-01-30 04:43:25 UTC 2022-10-02 11:32:49 UTC 172.64.133.15
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-10-02 13:33:49 UTC 172.67.194.45 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-10-02 16:25:36 UTC 18.165.201.83
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-02 05:00:42 UTC 108.156.28.51
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-10-02 15:44:45 UTC 93.184.220.29
mnemonic passive DNS offerimage.com (1) 304078 2019-06-10 11:11:53 UTC 2022-10-02 16:29:19 UTC 104.22.32.172
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-10-02 11:24:27 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-10-02 05:33:45 UTC 23.36.76.226


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.216.36

Date UQ / IDS / BL URL IP
2022-12-04 11:36:10 +0000
0 - 0 - 5 megadb.net/6mohw9gq1jp5 172.67.216.36
2022-11-27 16:04:57 +0000
0 - 0 - 6 megadb.net/f45y9mxl724x 172.67.216.36
2022-11-24 02:51:03 +0000
0 - 0 - 12 megadb.net/v0i1uo9a0zw3 172.67.216.36
2022-11-21 06:50:56 +0000
0 - 0 - 4 megadb.net/aiuzn5qb4icw 172.67.216.36
2022-11-20 23:19:36 +0000
0 - 0 - 4 megadb.net/fnemb1v5xxir 172.67.216.36

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-04 23:11:08 +0000
0 - 0 - 3 stfly.me/4XZD6 104.21.57.201
2022-12-04 23:10:50 +0000
0 - 0 - 3 dichvu.diamondacademy.vn/wp-content/uploads/2 (...) 188.114.97.1
2022-12-04 23:05:48 +0000
0 - 0 - 1 rehyk.ninas-lifestyle.com/ 104.21.35.154
2022-12-04 23:05:36 +0000
0 - 0 - 3 steamcommunityi.ru/profiles/7656119921279649211 188.114.97.1
2022-12-04 23:04:36 +0000
0 - 0 - 6 fa592ydj2d5e8bl2a1.youltube.biz/ 172.67.148.44

Last 5 reports on domain: megadb.net

Date UQ / IDS / BL URL IP
2022-12-04 11:36:10 +0000
0 - 0 - 5 megadb.net/6mohw9gq1jp5 172.67.216.36
2022-11-27 16:04:57 +0000
0 - 0 - 6 megadb.net/f45y9mxl724x 172.67.216.36
2022-11-24 02:51:03 +0000
0 - 0 - 12 megadb.net/v0i1uo9a0zw3 172.67.216.36
2022-11-21 06:50:56 +0000
0 - 0 - 4 megadb.net/aiuzn5qb4icw 172.67.216.36
2022-11-20 23:19:36 +0000
0 - 0 - 4 megadb.net/fnemb1v5xxir 172.67.216.36

No other reports with similar screenshot



JavaScript

Executed Scripts (34)


Executed Evals (5)

#1 JavaScript::Eval (size: 22, repeated: 1) - SHA256: e5683c5a6cd34f26d9e83cd82920f4f254eca60536c547e744adaeb0c46e36ed

                                        0,
function(p) {
    EY(p, 1)
}
                                    

#2 JavaScript::Eval (size: 22, repeated: 1) - SHA256: c27350eb28449ea5fe63d2274e8009133c1c7821812e2d4bd0073bca021cc5e2

                                        0,
function(p) {
    EY(p, 2)
}
                                    

#3 JavaScript::Eval (size: 15574, repeated: 1) - SHA256: 4f34657c24016e806ad6855ae168ee70b5948f69a252e7a9c5fdf5940467859f

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var A = function(S) {
            return S
        },
        V = function(S, D) {
            if (!(D = (S = null, Z.trustedTypes), D) || !D.createPolicy) return S;
            try {
                S = D.createPolicy("bg", {
                    createHTML: A,
                    createScript: A,
                    createScriptURL: A
                })
            } catch (p) {
                Z.console && Z.console.error(p.message)
            }
            return S
        },
        Z = this || self;
    (0, eval)(function(S, D) {
        return (D = V()) && 1 === S.eval(D.createScript("1")) ? function(p) {
            return D.createScript(p)
        } : function(p) {
            return "" + p
        }
    }(Z)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var S9=function(S,D){return(D=D.create().shift(),S.K).create().length||S.A.create().length||(S.A=void 0,S.K=void 0),D},pb=function(S,D,A,Z){for(;S.X.length;){A=(S.o=null,S.X.pop());try{Z=D_(S,A)}catch(e){v(S,e)}if(D&&S.o){D=S.o,D(function(){B(true,true,S)});break}}return Z},A4=function(S,D,A,Z,e,p){function V(){if(D.j==D){if(D.D){var R=[X,Z,A,void 0,e,p,arguments];if(2==S)var h=B(false,false,(d(D,R),D));else if(1==S){var P=!D.X.length;d(D,R),P&&B(false,false,D)}else h=D_(D,R);return h}e&&p&&e.removeEventListener(p,V,H)}}return V},WP=function(S,D,A,Z,e){for(e=(Z=(S.xE=(S.ja=(S.oy=(S.bJ=(S.Ct=Z_,S[a]),VK),R7(S.I,{get:function(){return this.concat()}})),L)[S.I](S.ja,{value:{value:{}}}),[]),0);128>e;e++)Z[e]=String.fromCharCode(e);B(true,true,((d(S,(d(S,[(N(S,(K(function(p,V,R,h){(R=M((V=M((h=M(p),p)),p)),N)(p,R,f(h,p)||f(V,p))},(N(S,161,[(K((K(function(p,V,R,h,P){N((V=(P=f((h=(R=M(p),P=M(p),M(p)),V=M(p),h=f(h,p),P),p),f)(V,p),p),R,A4(V,p,h,P))},S,(S.mr=(N(S,(K(function(){},(N(S,(K(function(p,V,R,h){N(p,(h=(V=f((R=(V=(h=M(p),M)(p),M(p)),V),p),f(h,p))==V,R),+h)},(N(S,(K(function(p,V,R,h){if(h=p.kE.pop()){for(R=m(p);0<R;R--)V=M(p),h[V]=p.D[V];p.D=((h[239]=p.D[239],h)[195]=p.D[195],h)}else N(p,110,p.Y)},S,(K(function(p){vP(4,p)},S,((K(function(p,V,R,h,P,E,x,u,W,Q,C,n){function l(r,F){for(;W<r;)h|=m(p)<<W,W+=8;return h>>=(F=(W-=r,h&(1<<r)-1),r),F}for(h=W=(x=M(p),0),Q=(l(3)|0)+1,E=l(5),n=[],P=u=0;u<E;u++)R=l(1),n.push(R),P+=R?0:1;for(C=(P=(u=((P|0)-1).toString(2).length,0),[]);P<E;P++)n[P]||(C[P]=l(u));for(u=0;u<E;u++)n[u]&&(C[u]=M(p));for(V=[];Q--;)V.push(f(M(p),p));K(function(r,F,G,q,k){for(F=[],q=[],k=0;k<E;k++){if(!n[G=C[k],k]){for(;G>=q.length;)q.push(M(r));G=q[G]}F.push(G)}r.A=(r.K=dx(V.slice(),r),dx)(F,r)},p,x)},(K(function(p){EY(p,4)},(K(function(p,V,R,h,P){0!==(h=f((R=(V=(P=M((h=M(p),p)),M(p)),M(p)),h),p.j),R=f(R,p),P=f(P,p),V=f(V,p),h)&&(V=A4(1,p,R,V,h,P),h.addEventListener(P,V,H),N(p,345,[h,P,V]))},S,(K(function(p,V,R,h,P,E){c(false,p,V,true)||(E=e9(p.j),V=E.P,P=E.C,h=E.DA,R=P.length,E=E.nt,V=0==R?new h[V]:1==R?new h[V](P[0]):2==R?new h[V](P[0],P[1]):3==R?new h[V](P[0],P[1],P[2]):4==R?new h[V](P[0],P[1],P[2],P[3]):2(),N(p,E,V))},(K((K(function(p,V,R){N(p,(V=M(p),R=M(p),R),""+f(V,p))},S,(K(function(p,V,R,h){(V=(R=(V=M((h=M(p),p)),M(p)),h=f(h,p),f(V,p)),N)(p,R,h[V])},(K(function(p,V,R){c(false,p,V,true)||(V=M(p),R=M(p),N(p,R,function(h){return eval(h)}(h4(f(V,p.j)))))},S,(N(S,480,(N(S,((N(S,(K(function(p,V){(p=(V=M(p),f)(V,p.j),p)[0].removeEventListener(p[1],p[2],H)},(K(function(p,V,R,h,P,E){if(!c(true,p,V,true)){if("object"==(p=f((P=f((E=(V=(P=M((V=(R=M(p),M)(p),p)),E=M(p),f(V,p)),f)(E,p),P),p),R),p),BP(p))){for(h in R=[],p)R.push(h);p=R}for(R=(P=(h=p.length,0)<P?P:1,0);R<h;R+=P)V(p.slice(R,(R|0)+(P|0)),E)}},S,(K(function(p,V,R){V=(V=M(p),R=M(p),V=f(V,p),BP(V)),N(p,R,V)},S,(K(function(p,V,R,h,P,E,x){for(R=(x=(P=f(259,(V=(h=M(p),$X(p)),E="",p)),P.length),0);V--;)R=((R|0)+($X(p)|0))%x,E+=Z[P[R]];N(p,h,E)},(S.Ji=(N(S,(K(function(p,V,R,h,P){for(V=(R=(P=$X((h=M(p),p)),0),[]);R<P;R++)V.push(m(p));N(p,h,V)},S,(K(function(p){vP(1,p)},(K(function(p,V,R,h){h=M((R=M(p),V=m(p),p)),N(p,h,f(R,p)>>>V)},S,(N(S,207,[0,(N(S,(K(function(p,V,R,h){N(p,(R=f((V=(h=M((V=(R=M(p),M(p)),p)),f(V,p)),R),p),h),R in V|0)},(N(S,(K(function(p){PP(p,4)},S,(K((K(function(p,V,R,h){!c(false,p,V,true)&&(V=e9(p),h=V.P,R=V.DA,p.j==p||h==p.Kt&&R==p)&&(N(p,V.nt,h.apply(R,V.C)),p.G=p.U())},S,(K(function(p,V,R,h){N(p,(R=(V=(h=(R=M(p),M(p)),f(h,p)),f(R,p)),h),V+R)},(N(S,479,(N(S,((S.v=0,S.O=1,S.H=(S.K=void 0,[]),S.D=[],S.R=(S.Wa=false,S.l=25,e=window.performance||{},(S.G=(S.Y=0,(S.T=8001,S).W=void 0,0),S.B=0,S).V=(S.g=void 0,S.s=!(S.h=void 0,1),S.J=(S.F=0,void 0),S.Kt=function(p){this.j=p},void 0),S.o=(S.u=[],null),S.j=(S.S=(S.X=[],false),S.i=0,S.Ai=0,S),S.kE=[],[]),S).A=void 0,S.Iy=e.timeOrigin||(e.timing||{}).navigationStart||0,110),0),0)),S),300),255)),function(p,V,R){0!=f((R=(R=(V=M(p),M)(p),f(R,p)),V),p)&&N(p,110,R)}),S,162),283)),486),Y(4)),S),79),476),[]),0),0]),157)),S),171),374)),195),2048),0),S),11),208)),457)),S),91),64),{}),S).Ql=0,271),J),590)),243)),S),183),499)),function(p,V){Xn((V=f(M(p),p),p.j),V)}),S,215),S),76),425)),S),266),S),74),K)(function(p,V,R,h,P){(h=(P=M((V=M(p),p)),M(p)),p.j)==p&&(R=f(V,p),h=f(h,p),P=f(P,p),R[P]=h,65==V&&(p.g=void 0,2==P&&(p.J=y(32,p,false),p.g=void 0)))},S,242),401)),84)),370),S),S),24),239),[]),S),225),345),0),0),20)),function(p){PP(p,3)}),S,262),160),0,0]),S),62),427),0),xX)]),[U,A])),d)(S,[uR,D]),S))},m=function(S){return S.K?S9(S,S.A):y(8,S,true)},T=function(S,D,A,Z,e,p){if(S.j==S)for(e=f(A,S),486==A?(A=function(V,R,h,P){if(R=(P=e.length,(P|0)-4)>>3,e.yl!=R){R=(R<<3)-(h=[0,0,p[1],p[e.yl=R,2]],4);try{e.pt=HP(h,a7(e,R),a7(e,(R|0)+4))}catch(E){throw E;}}e.push(e.pt[P&7]^V)},p=f(207,S)):A=function(V){e.push(V)},Z&&A(Z&255),S=0,Z=D.length;S<Z;S++)A(D[S])},Ns=function(S,D,A,Z,e,p,V,R){return(V=L[D.I]((Z=(e=Lb,[(R=A&7,-49),81,60,-23,96,-93,Z,-15,53,53]),D.ja)),V)[D.I]=function(h){R+=6+(p=h,7*A),R&=7},V.concat=function(h){return(h=(h=+R-96*S*S*p-1104*p+Z[h=S%16+1,R+11&7]*S*h+(e()|0)*h-3888*S*p+48*p*p-h*p+2*S*S*h,Z[h]),p=void 0,Z)[(R+53&7)+(A&2)]=h,Z[R+(A&2)]=81,h},V},EY=function(S,D,A,Z){for(A=(Z=M(S),0);0<D;D--)A=A<<8|m(S);N(S,Z,A)},a7=function(S,D){return S[D]<<24|S[(D|0)+1]<<16|S[(D|0)+2]<<8|S[(D|0)+3]},t=function(S,D,A,Z){for(A=((Z=[],D)|0)-1;0<=A;A--)Z[(D|0)-1-(A|0)]=S>>8*A&255;return Z},d=function(S,D){S.X.splice(0,0,D)},o7=function(S,D,A){if(3==S.length){for(A=0;3>A;A++)D[A]+=S[A];for(A=(S=[13,8,13,12,16,5,3,10,15],0);9>A;A++)D[3](D,A%3,S[A])}},y=function(S,D,A,Z,e,p,V,R,h,P,E,x,u,W){if(h=f(110,D),h>=D.Y)throw[O,31];for(E=(V=(W=h,D).bJ.length,S),Z=0;0<E;)x=W>>3,P=D.u[x],e=W%8,p=8-(e|0),p=p<E?p:E,A&&(u=D,u.g!=W>>6&&(u.g=W>>6,R=f(65,u),u.V=HP([0,0,R[1],R[2]],u.J,u.g)),P^=D.V[x&V]),Z|=(P>>8-(e|0)-(p|0)&(1<<p)-1)<<(E|0)-(p|0),W+=p,E-=p;return N(D,110,(h|0)+(A=Z,S|0)),A},e9=function(S,D,A,Z,e,p){for(A=(D=M((p=((Z=M((e=S[Cb]||{},S)),e).nt=M(S),e.C=[],S.j==S?(m(S)|0)-1:1),S)),0);A<p;A++)e.C.push(M(S));for(e.P=f(Z,S);p--;)e.C[p]=f(e.C[p],S);return e.DA=f(D,S),e},Y=function(S,D){for(D=[];S--;)D.push(255*Math.random()|0);return D},f=function(S,D){if((D=D.D[S],void 0)===D)throw[O,30,S];if(D.value)return D.create();return D.create(2*S*S+81*S+23),D.prototype},D_=function(S,D,A,Z,e){if((Z=D[0],Z)==z)S.l=25,S.N(D);else if(Z==a){e=D[1];try{A=S.W||S.N(D)}catch(p){v(S,p),A=S.W}e(A)}else if(Z==rx)S.N(D);else if(Z==U)S.N(D);else if(Z==uR){try{for(A=0;A<S.R.length;A++)try{e=S.R[A],e[0][e[1]](e[2])}catch(p){}}catch(p){}(0,D[1])(function(p,V){S.L(p,true,V)},(S.R=[],function(p){(p=!S.X.length,d)(S,[Kb]),p&&B(false,true,S)}))}else{if(Z==X)return A=D[2],N(S,4,D[6]),N(S,64,A),S.N(D);Z==Kb?(S.D=null,S.u=[],S.H=[]):Z==xX&&"loading"===J.document.readyState&&(S.o=function(p,V){function R(){V||(V=true,p())}V=false,J.document.addEventListener("DOMContentLoaded",R,H),J.addEventListener("load",R,H)})}},Xn=function(S,D){N(S,((S.kE.push(S.D.slice()),S).D[110]=void 0,110),D)},b,Ms=function(S,D,A){return S.L(function(Z){A=Z},false,D),A},nb=function(S,D,A,Z,e,p){if(!D.W){D.B++;try{for(e=(A=(Z=void 0,D).Y,0);--S;)try{if(p=void 0,D.K)Z=S9(D,D.K);else{if(e=f(110,D),e>=A)break;Z=(p=M((N(D,479,e),D)),f)(p,D)}c(false,D,(Z&&Z[Kb]&2048?Z(D,S):g([O,21,p],0,D),S),false)}catch(V){f(480,D)?g(V,22,D):N(D,480,V)}if(!S){if(D.MV){nb(171153967572,(D.B--,D));return}g([O,33],0,D)}}catch(V){try{g(V,22,D)}catch(R){v(D,R)}}D.B--}},sY=function(S,D,A,Z){try{Z=S[((D|0)+2)%3],S[D]=(S[D]|0)-(S[((D|0)+1)%3]|0)-(Z|0)^(1==D?Z<<A:Z>>>A)}catch(e){throw e;}},fb=function(S,D){D.push(S[0]<<24|S[1]<<16|S[2]<<8|S[3]),D.push(S[4]<<24|S[5]<<16|S[6]<<8|S[7]),D.push(S[8]<<24|S[9]<<16|S[10]<<8|S[11])},HP=function(S,D,A,Z,e){for(e=(S=S[2]|(Z=S[3]|0,0),0);14>e;e++)A=A>>>8|A<<24,Z=Z>>>8|Z<<24,Z+=S|0,Z^=e+3261,A+=D|0,D=D<<3|D>>>29,A^=S+3261,D^=A,S=S<<3|S>>>29,S^=Z;return[D>>>24&255,D>>>16&255,D>>>8&255,D>>>0&255,A>>>24&255,A>>>16&255,A>>>8&255,A>>>0&255]},w,H={passive:true,capture:true},J=this||self,PP=function(S,D,A,Z,e){T(S,(((Z=(A=M((Z=(D&=(e=D&4,3),M(S)),S)),f(Z,S)),e)&&(Z=cP(""+Z)),D)&&T(S,t(Z.length,2),A),Z),A)},Fn=function(S,D,A,Z){function e(){}return Z=YX((A=void 0,S),function(p){e&&(D&&lR(D),A=p,e(),e=void 0)},!!D)[0],{invoke:function(p,V,R,h){function P(){A(function(E){lR(function(){p(E)})},R)}if(!V)return V=Z(R),p&&p(V),V;A?P():(h=e,e=function(){lR((h(),P))})}}},lR=J.requestIdleCallback?function(S){requestIdleCallback(function(){S()},{timeout:4})}:J.setImmediate?function(S){setImmediate(S)}:function(S){setTimeout(S,0)},vP=function(S,D,A,Z){Z=(A=M(D),M)(D),T(D,t(f(A,D),S),Z)},J4=function(S,D){if(D=(S=null,J.trustedTypes),!D||!D.createPolicy)return S;try{S=D.createPolicy("bg",{createHTML:m2,createScript:m2,createScriptURL:m2})}catch(A){J.console&&J.console.error(A.message)}return S},v=function(S,D){S.W=((S.W?S.W+"~":"E:")+D.message+":"+D.stack).slice(0,2048)},N=function(S,D,A){if(110==D||479==D)S.D[D]?S.D[D].concat(A):S.D[D]=dx(A,S);else{if(S.s&&65!=D)return;161==D||486==D||476==D||239==D||207==D?S.D[D]||(S.D[D]=Ns(D,S,86,A)):S.D[D]=Ns(D,S,17,A)}65==D&&(S.J=y(32,S,false),S.g=void 0)},yK=function(S,D,A,Z){return f(64,(((Z=f(110,A),A.u)&&Z<A.Y?(N(A,110,A.Y),Xn(A,D)):N(A,110,D),nb)(S,A),N(A,110,Z),A))},B=function(S,D,A,Z,e,p){if(A.X.length){A.Wa=(A.S&&0(),D),A.S=true;try{e=A.U(),A.G=e,A.i=e,A.h=0,p=pb(A,D),Z=A.U()-A.i,A.F+=Z,Z<(S?0:10)||0>=A.l--||(Z=Math.floor(Z),A.H.push(254>=Z?Z:254))}finally{A.S=false}return p}},$X=function(S,D){return D=m(S),D&128&&(D=D&127|m(S)<<7),D},cP=function(S,D,A,Z,e){for(A=Z=(e=(S=S.replace(/\\r\\n/g,"\\n"),[]),0);A<S.length;A++)D=S.charCodeAt(A),128>D?e[Z++]=D:(2048>D?e[Z++]=D>>6|192:(55296==(D&64512)&&A+1<S.length&&56320==(S.charCodeAt(A+1)&64512)?(D=65536+((D&1023)<<10)+(S.charCodeAt(++A)&1023),e[Z++]=D>>18|240,e[Z++]=D>>12&63|128):e[Z++]=D>>12|224,e[Z++]=D>>6&63|128),e[Z++]=D&63|128);return e},g=function(S,D,A,Z,e,p){if(!A.s){if(S=f(195,((0==(e=f(239,((Z=void 0,S&&S[0]===O)&&(Z=S[2],D=S[1],S=void 0),A)),e.length)&&(p=f(479,A)>>3,e.push(D,p>>8&255,p&255),void 0!=Z&&e.push(Z&255)),D="",S)&&(S.message&&(D+=S.message),S.stack&&(D+=":"+S.stack)),A)),3<S){A.j=(Z=(D=(S-=(D=D.slice(0,(S|0)-3),D.length|0)+3,cP)(D),A.j),A);try{T(A,t(D.length,2).concat(D),486,9)}finally{A.j=Z}}N(A,195,S)}},YX=function(S,D,A,Z){return(Z=b[S.substring(0,3)+"_"])?Z(S.substring(3),D,A):UY(S,D)},m2=function(S){return S},M=function(S,D){if(S.K)return S9(S,S.A);return D=y(8,S,true),D&128&&(D^=128,S=y(2,S,true),D=(D<<2)+(S|0)),D},c=function(S,D,A,Z,e,p,V,R,h){if(((D.O+=(V=(R=(h=(p=(Z||D.h++,0<D.v&&D.S)&&D.Wa&&1>=D.B&&!D.K&&!D.o&&(!Z||1<D.T-A)&&0==document.hidden,e=4==D.h)||p?D.U():D.G,h)-D.G,R>>14),D.J&&(D.J^=V*(R<<2)),V),D).j=V||D.j,e)||p)D.h=0,D.G=h;if(!p||h-D.i<D.v-(S?255:Z?5:2))return false;return(N(D,(S=f((D.T=A,Z?479:110),D),110),D.Y),D.X).push([rx,S,Z?A+1:A]),D.o=lR,true},R7=function(S,D){return L[S](L.prototype,{document:D,call:D,prototype:D,propertyIsEnumerable:D,floor:D,pop:D,parent:D,replace:D,splice:D,stack:D,length:D,console:D})},K=function(S,D,A){S[N(D,A,S),xX]=2796},BP=function(S,D,A){if("object"==(D=typeof S,D))if(S){if(S instanceof Array)return"array";if(S instanceof Object)return D;if("[object Window]"==(A=Object.prototype.toString.call(S),A))return"object";if("[object Array]"==A||"number"==typeof S.length&&"undefined"!=typeof S.splice&&"undefined"!=typeof S.propertyIsEnumerable&&!S.propertyIsEnumerable("splice"))return"array";if("[object Function]"==A||"undefined"!=typeof S.call&&"undefined"!=typeof S.propertyIsEnumerable&&!S.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==D&&"undefined"==typeof S.call)return"object";return D},dx=function(S,D,A){return(A=L[D.I](D.xE),A)[D.I]=function(){return S},A.concat=function(Z){S=Z},A},UY=function(S,D){return[(D(function(A){A(S)}),function(){return S})]},I=function(S,D,A){A=this;try{WP(this,S,D)}catch(Z){v(this,Z),S(function(e){e(A.W)})}},Cb=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),a=[],U=[],O={},rx=[],z=(I.prototype.uJ=(I.prototype.GH=void 0,I.prototype.Z="toString",void 0),[]),uR=[],Kb=[],xX=[],X=(I.prototype.MV=false,[]),Lb=(((fb,Y,function(){})(sY),function(){})(o7),void 0),L=((w=I.prototype,I.prototype).I="create",O).constructor;I.prototype.N=((w.L=function(S,D,A,Z,e){if(A="array"===BP(A)?A:[A],this.W)S(this.W);else try{e=!this.X.length,Z=[],d(this,[z,Z,A]),d(this,[a,S,Z]),D&&!e||B(true,D,this)}catch(p){v(this,p),S(this.W)}},w.rg=function(){return Math.floor(this.U())},(w.NV=function(S,D,A,Z,e,p){for(p=(Z=e=0,[]);e<S.length;e++)for(A=A<<D|S[e],Z+=D;7<Z;)Z-=8,p.push(A>>Z&255);return p},w).YE=function(S,D,A){return(D=(D^=D<<13,D^=D>>17,(D^D<<5)&A))||(D=1),S^D},w).U=((w.gg=function(S,D,A,Z,e){for(Z=e=0;Z<S.length;Z++)e+=S.charCodeAt(Z),e+=e<<10,e^=e>>6;return e=new Number((e+=e<<3,e^=e>>11,S=e+(e<<15)>>>0,S&(1<<D)-1)),e[0]=(S>>>D)%A,e},window.performance)||{}).now?function(){return this.Iy+window.performance.now()}:function(){return+new Date},w.Es=function(){return Math.floor(this.F+(this.U()-this.i))},function(S,D){return D=(S=(Lb=function(){return D==S?23:41},{}),{}),function(A,Z,e,p,V,R,h,P,E,x,u,W,Q,C,n){D=(Q=D,S);try{if(E=A[0],E==U){V=A[1];try{for(x=(R=0,h=(P=[],atob(V)),0);x<h.length;x++)p=h.charCodeAt(x),255<p&&(P[R++]=p&255,p>>=8),P[R++]=p;N(this,65,[(this.u=P,this.Y=this.u.length<<3,0),0,0])}catch(l){g(l,17,this);return}nb(8001,this)}else if(E==z)A[1].push(f(476,this).length,f(486,this).length,f(195,this),f(161,this).length),N(this,64,A[2]),this.D[89]&&yK(8001,f(89,this),this);else{if(E==a){this.j=(n=(W=t((f(161,(R=A[2],this)).length|0)+2,2),this.j),this);try{u=f(239,this),0<u.length&&T(this,t(u.length,2).concat(u),161,10),T(this,t(this.O,1),161,109),T(this,t(this[a].length,1),161),h=0,Z=f(486,this),h-=(f(161,this).length|0)+5,h+=f(427,this)&2047,4<Z.length&&(h-=(Z.length|0)+3),0<h&&T(this,t(h,2).concat(Y(h)),161,15),4<Z.length&&T(this,t(Z.length,2).concat(Z),161,156)}finally{this.j=n}if(((x=Y(2).concat(f(161,this)),x)[1]=x[0]^6,x[3]=x[1]^W[0],x)[4]=x[1]^W[1],e=this.Xj(x))e="!"+e;else for(h=0,e="";h<x.length;h++)C=x[h][this.Z](16),1==C.length&&(C="0"+C),e+=C;return f(161,(N(this,195,((f(476,(P=e,this)).length=R.shift(),f(486,this)).length=R.shift(),R.shift())),this)).length=R.shift(),P}if(E==rx)yK(A[2],A[1],this);else if(E==X)return yK(8001,A[1],this)}}finally{D=Q}}}());var VK,Z_=(I.prototype[uR]=[0,0,1,1,0,1,1],I.prototype.Us=(I.prototype.Xj=function(S,D,A,Z){if(D=window.btoa){for(A=(Z=0,"");Z<S.length;Z+=8192)A+=String.fromCharCode.apply(null,S.slice(Z,Z+8192));S=D(A).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else S=void 0;return S},I.prototype.ti=0,0),/./),Tj=U.pop.bind(I.prototype[z]),h4=((VK=R7(I.prototype.I,(Z_[I.prototype.Z]=Tj,{get:Tj})),I.prototype).dg=void 0,function(S,D){return(D=J4())&&1===S.eval(D.createScript("1"))?function(A){return D.createScript(A)}:function(A){return""+A}}(J));((b=J.botguard||(J.botguard={}),40<b.m)||(b.m=41,b.bg=Fn,b.a=YX),b).HBW_=function(S,D,A){return A=new I(D,S),[function(Z){return Ms(A,Z)}]};}).call(this);'));
}).call(this);
                                    

#4 JavaScript::Eval (size: 17586, repeated: 1) - SHA256: 7f6b72290dc59499efc2a77a5633a3231c87b6eb8ab1f5612c9a07b54349a688

                                        (function() {
    var S9 = function(S, D) {
            return (D = D.create().shift(), S.K).create().length || S.A.create().length || (S.A = void 0, S.K = void 0), D
        },
        pb = function(S, D, A, Z) {
            for (; S.X.length;) {
                A = (S.o = null, S.X.pop());
                try {
                    Z = D_(S, A)
                } catch (e) {
                    v(S, e)
                }
                if (D && S.o) {
                    D = S.o, D(function() {
                        B(true, true, S)
                    });
                    break
                }
            }
            return Z
        },
        A4 = function(S, D, A, Z, e, p) {
            function V() {
                if (D.j == D) {
                    if (D.D) {
                        var R = [X, Z, A, void 0, e, p, arguments];
                        if (2 == S) var h = B(false, false, (d(D, R), D));
                        else if (1 == S) {
                            var P = !D.X.length;
                            d(D, R), P && B(false, false, D)
                        } else h = D_(D, R);
                        return h
                    }
                    e && p && e.removeEventListener(p, V, H)
                }
            }
            return V
        },
        WP = function(S, D, A, Z, e) {
            for (e = (Z = (S.xE = (S.ja = (S.oy = (S.bJ = (S.Ct = Z_, S[a]), VK), R7(S.I, {get: function() {
                        return this.concat()
                    }
                })), L)[S.I](S.ja, {
                    value: {
                        value: {}
                    }
                }), []), 0); 128 > e; e++) Z[e] = String.fromCharCode(e);
            B(true, true, ((d(S, (d(S, [(N(S, (K(function(p, V, R, h) {
                (R = M((V = M((h = M(p), p)), p)), N)(p, R, f(h, p) || f(V, p))
            }, (N(S, 161, [(K((K(function(p, V, R, h, P) {
                N((V = (P = f((h = (R = M(p), P = M(p), M(p)), V = M(p), h = f(h, p), P), p), f)(V, p), p), R, A4(V, p, h, P))
            }, S, (S.mr = (N(S, (K(function() {}, (N(S, (K(function(p, V, R, h) {
                N(p, (h = (V = f((R = (V = (h = M(p), M)(p), M(p)), V), p), f(h, p)) == V, R), +h)
            }, (N(S, (K(function(p, V, R, h) {
                if (h = p.kE.pop()) {
                    for (R = m(p); 0 < R; R--) V = M(p), h[V] = p.D[V];
                    p.D = ((h[239] = p.D[239], h)[195] = p.D[195], h)
                } else N(p, 110, p.Y)
            }, S, (K(function(p) {
                vP(4, p)
            }, S, ((K(function(p, V, R, h, P, E, x, u, W, Q, C, n) {
                function l(r, F) {
                    for (; W < r;) h |= m(p) << W, W += 8;
                    return h >>= (F = (W -= r, h & (1 << r) - 1), r), F
                }
                for (h = W = (x = M(p), 0), Q = (l(3) | 0) + 1, E = l(5), n = [], P = u = 0; u < E; u++) R = l(1), n.push(R), P += R ? 0 : 1;
                for (C = (P = (u = ((P | 0) - 1).toString(2).length, 0), []); P < E; P++) n[P] || (C[P] = l(u));
                for (u = 0; u < E; u++) n[u] && (C[u] = M(p));
                for (V = []; Q--;) V.push(f(M(p), p));
                K(function(r, F, G, q, k) {
                    for (F = [], q = [], k = 0; k < E; k++) {
                        if (!n[G = C[k], k]) {
                            for (; G >= q.length;) q.push(M(r));
                            G = q[G]
                        }
                        F.push(G)
                    }
                    r.A = (r.K = dx(V.slice(), r), dx)(F, r)
                }, p, x)
            }, (K(function(p) {
                EY(p, 4)
            }, (K(function(p, V, R, h, P) {
                0 !== (h = f((R = (V = (P = M((h = M(p), p)), M(p)), M(p)), h), p.j), R = f(R, p), P = f(P, p), V = f(V, p), h) && (V = A4(1, p, R, V, h, P), h.addEventListener(P, V, H), N(p, 345, [h, P, V]))
            }, S, (K(function(p, V, R, h, P, E) {
                c(false, p, V, true) || (E = e9(p.j), V = E.P, P = E.C, h = E.DA, R = P.length, E = E.nt, V = 0 == R ? new h[V] : 1 == R ? new h[V](P[0]) : 2 == R ? new h[V](P[0], P[1]) : 3 == R ? new h[V](P[0], P[1], P[2]) : 4 == R ? new h[V](P[0], P[1], P[2], P[3]) : 2(), N(p, E, V))
            }, (K((K(function(p, V, R) {
                N(p, (V = M(p), R = M(p), R), "" + f(V, p))
            }, S, (K(function(p, V, R, h) {
                (V = (R = (V = M((h = M(p), p)), M(p)), h = f(h, p), f(V, p)), N)(p, R, h[V])
            }, (K(function(p, V, R) {
                c(false, p, V, true) || (V = M(p), R = M(p), N(p, R, function(h) {
                    return eval(h)
                }(h4(f(V, p.j)))))
            }, S, (N(S, 480, (N(S, ((N(S, (K(function(p, V) {
                (p = (V = M(p), f)(V, p.j), p)[0].removeEventListener(p[1], p[2], H)
            }, (K(function(p, V, R, h, P, E) {
                if (!c(true, p, V, true)) {
                    if ("object" == (p = f((P = f((E = (V = (P = M((V = (R = M(p), M)(p), p)), E = M(p), f(V, p)), f)(E, p), P), p), R), p), BP(p))) {
                        for (h in R = [], p) R.push(h);
                        p = R
                    }
                    for (R = (P = (h = p.length, 0) < P ? P : 1, 0); R < h; R += P) V(p.slice(R, (R | 0) + (P | 0)), E)
                }
            }, S, (K(function(p, V, R) {
                V = (V = M(p), R = M(p), V = f(V, p), BP(V)), N(p, R, V)
            }, S, (K(function(p, V, R, h, P, E, x) {
                for (R = (x = (P = f(259, (V = (h = M(p), $X(p)), E = "", p)), P.length), 0); V--;) R = ((R | 0) + ($X(p) | 0)) % x, E += Z[P[R]];
                N(p, h, E)
            }, (S.Ji = (N(S, (K(function(p, V, R, h, P) {
                for (V = (R = (P = $X((h = M(p), p)), 0), []); R < P; R++) V.push(m(p));
                N(p, h, V)
            }, S, (K(function(p) {
                vP(1, p)
            }, (K(function(p, V, R, h) {
                h = M((R = M(p), V = m(p), p)), N(p, h, f(R, p) >>> V)
            }, S, (N(S, 207, [0, (N(S, (K(function(p, V, R, h) {
                N(p, (R = f((V = (h = M((V = (R = M(p), M(p)), p)), f(V, p)), R), p), h), R in V | 0)
            }, (N(S, (K(function(p) {
                PP(p, 4)
            }, S, (K((K(function(p, V, R, h) {
                !c(false, p, V, true) && (V = e9(p), h = V.P, R = V.DA, p.j == p || h == p.Kt && R == p) && (N(p, V.nt, h.apply(R, V.C)), p.G = p.U())
            }, S, (K(function(p, V, R, h) {
                N(p, (R = (V = (h = (R = M(p), M(p)), f(h, p)), f(R, p)), h), V + R)
            }, (N(S, 479, (N(S, ((S.v = 0, S.O = 1, S.H = (S.K = void 0, []), S.D = [], S.R = (S.Wa = false, S.l = 25, e = window.performance || {}, (S.G = (S.Y = 0, (S.T = 8001, S).W = void 0, 0), S.B = 0, S).V = (S.g = void 0, S.s = !(S.h = void 0, 1), S.J = (S.F = 0, void 0), S.Kt = function(p) {
                this.j = p
            }, void 0), S.o = (S.u = [], null), S.j = (S.S = (S.X = [], false), S.i = 0, S.Ai = 0, S), S.kE = [], []), S).A = void 0, S.Iy = e.timeOrigin || (e.timing || {}).navigationStart || 0, 110), 0), 0)), S), 300), 255)), function(p, V, R) {
                0 != f((R = (R = (V = M(p), M)(p), f(R, p)), V), p) && N(p, 110, R)
            }), S, 162), 283)), 486), Y(4)), S), 79), 476), []), 0), 0]), 157)), S), 171), 374)), 195), 2048), 0), S), 11), 208)), 457)), S), 91), 64), {}), S).Ql = 0, 271), J), 590)), 243)), S), 183), 499)), function(p, V) {
                Xn((V = f(M(p), p), p.j), V)
            }), S, 215), S), 76), 425)), S), 266), S), 74), K)(function(p, V, R, h, P) {
                (h = (P = M((V = M(p), p)), M(p)), p.j) == p && (R = f(V, p), h = f(h, p), P = f(P, p), R[P] = h, 65 == V && (p.g = void 0, 2 == P && (p.J = y(32, p, false), p.g = void 0)))
            }, S, 242), 401)), 84)), 370), S), S), 24), 239), []), S), 225), 345), 0), 0), 20)), function(p) {
                PP(p, 3)
            }), S, 262), 160), 0, 0]), S), 62), 427), 0), xX)]), [U, A])), d)(S, [uR, D]), S))
        },
        m = function(S) {
            return S.K ? S9(S, S.A) : y(8, S, true)
        },
        T = function(S, D, A, Z, e, p) {
            if (S.j == S)
                for (e = f(A, S), 486 == A ? (A = function(V, R, h, P) {
                        if (R = (P = e.length, (P | 0) - 4) >> 3, e.yl != R) {
                            R = (R << 3) - (h = [0, 0, p[1], p[e.yl = R, 2]], 4);
                            try {
                                e.pt = HP(h, a7(e, R), a7(e, (R | 0) + 4))
                            } catch (E) {
                                throw E;
                            }
                        }
                        e.push(e.pt[P & 7] ^ V)
                    }, p = f(207, S)) : A = function(V) {
                        e.push(V)
                    }, Z && A(Z & 255), S = 0, Z = D.length; S < Z; S++) A(D[S])
        },
        Ns = function(S, D, A, Z, e, p, V, R) {
            return (V = L[D.I]((Z = (e = Lb, [(R = A & 7, -49), 81, 60, -23, 96, -93, Z, -15, 53, 53]), D.ja)), V)[D.I] = function(h) {
                R += 6 + (p = h, 7 * A), R &= 7
            }, V.concat = function(h) {
                return (h = (h = +R - 96 * S * S * p - 1104 * p + Z[h = S % 16 + 1, R + 11 & 7] * S * h + (e() | 0) * h - 3888 * S * p + 48 * p * p - h * p + 2 * S * S * h, Z[h]), p = void 0, Z)[(R + 53 & 7) + (A & 2)] = h, Z[R + (A & 2)] = 81, h
            }, V
        },
        EY = function(S, D, A, Z) {
            for (A = (Z = M(S), 0); 0 < D; D--) A = A << 8 | m(S);
            N(S, Z, A)
        },
        a7 = function(S, D) {
            return S[D] << 24 | S[(D | 0) + 1] << 16 | S[(D | 0) + 2] << 8 | S[(D | 0) + 3]
        },
        t = function(S, D, A, Z) {
            for (A = ((Z = [], D) | 0) - 1; 0 <= A; A--) Z[(D | 0) - 1 - (A | 0)] = S >> 8 * A & 255;
            return Z
        },
        d = function(S, D) {
            S.X.splice(0, 0, D)
        },
        o7 = function(S, D, A) {
            if (3 == S.length) {
                for (A = 0; 3 > A; A++) D[A] += S[A];
                for (A = (S = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > A; A++) D[3](D, A % 3, S[A])
            }
        },
        y = function(S, D, A, Z, e, p, V, R, h, P, E, x, u, W) {
            if (h = f(110, D), h >= D.Y) throw [O, 31];
            for (E = (V = (W = h, D).bJ.length, S), Z = 0; 0 < E;) x = W >> 3, P = D.u[x], e = W % 8, p = 8 - (e | 0), p = p < E ? p : E, A && (u = D, u.g != W >> 6 && (u.g = W >> 6, R = f(65, u), u.V = HP([0, 0, R[1], R[2]], u.J, u.g)), P ^= D.V[x & V]), Z |= (P >> 8 - (e | 0) - (p | 0) & (1 << p) - 1) << (E | 0) - (p | 0), W += p, E -= p;
            return N(D, 110, (h | 0) + (A = Z, S | 0)), A
        },
        e9 = function(S, D, A, Z, e, p) {
            for (A = (D = M((p = ((Z = M((e = S[Cb] || {}, S)), e).nt = M(S), e.C = [], S.j == S ? (m(S) | 0) - 1 : 1), S)), 0); A < p; A++) e.C.push(M(S));
            for (e.P = f(Z, S); p--;) e.C[p] = f(e.C[p], S);
            return e.DA = f(D, S), e
        },
        Y = function(S, D) {
            for (D = []; S--;) D.push(255 * Math.random() | 0);
            return D
        },
        f = function(S, D) {
            if ((D = D.D[S], void 0) === D) throw [O, 30, S];
            if (D.value) return D.create();
            return D.create(2 * S * S + 81 * S + 23), D.prototype
        },
        D_ = function(S, D, A, Z, e) {
            if ((Z = D[0], Z) == z) S.l = 25, S.N(D);
            else if (Z == a) {
                e = D[1];
                try {
                    A = S.W || S.N(D)
                } catch (p) {
                    v(S, p), A = S.W
                }
                e(A)
            } else if (Z == rx) S.N(D);
            else if (Z == U) S.N(D);
            else if (Z == uR) {
                try {
                    for (A = 0; A < S.R.length; A++) try {
                        e = S.R[A], e[0][e[1]](e[2])
                    } catch (p) {}
                } catch (p) {}(0, D[1])(function(p, V) {
                    S.L(p, true, V)
                }, (S.R = [], function(p) {
                    (p = !S.X.length, d)(S, [Kb]), p && B(false, true, S)
                }))
            } else {
                if (Z == X) return A = D[2], N(S, 4, D[6]), N(S, 64, A), S.N(D);
                Z == Kb ? (S.D = null, S.u = [], S.H = []) : Z == xX && "loading" === J.document.readyState && (S.o = function(p, V) {
                    function R() {
                        V || (V = true, p())
                    }
                    V = false, J.document.addEventListener("DOMContentLoaded", R, H), J.addEventListener("load", R, H)
                })
            }
        },
        Xn = function(S, D) {
            N(S, ((S.kE.push(S.D.slice()), S).D[110] = void 0, 110), D)
        },
        b, Ms = function(S, D, A) {
            return S.L(function(Z) {
                A = Z
            }, false, D), A
        },
        nb = function(S, D, A, Z, e, p) {
            if (!D.W) {
                D.B++;
                try {
                    for (e = (A = (Z = void 0, D).Y, 0); --S;) try {
                        if (p = void 0, D.K) Z = S9(D, D.K);
                        else {
                            if (e = f(110, D), e >= A) break;
                            Z = (p = M((N(D, 479, e), D)), f)(p, D)
                        }
                        c(false, D, (Z && Z[Kb] & 2048 ? Z(D, S) : g([O, 21, p], 0, D), S), false)
                    } catch (V) {
                        f(480, D) ? g(V, 22, D) : N(D, 480, V)
                    }
                    if (!S) {
                        if (D.MV) {
                            nb(171153967572, (D.B--, D));
                            return
                        }
                        g([O, 33], 0, D)
                    }
                } catch (V) {
                    try {
                        g(V, 22, D)
                    } catch (R) {
                        v(D, R)
                    }
                }
                D.B--
            }
        },
        sY = function(S, D, A, Z) {
            try {
                Z = S[((D | 0) + 2) % 3], S[D] = (S[D] | 0) - (S[((D | 0) + 1) % 3] | 0) - (Z | 0) ^ (1 == D ? Z << A : Z >>> A)
            } catch (e) {
                throw e;
            }
        },
        fb = function(S, D) {
            D.push(S[0] << 24 | S[1] << 16 | S[2] << 8 | S[3]), D.push(S[4] << 24 | S[5] << 16 | S[6] << 8 | S[7]), D.push(S[8] << 24 | S[9] << 16 | S[10] << 8 | S[11])
        },
        HP = function(S, D, A, Z, e) {
            for (e = (S = S[2] | (Z = S[3] | 0, 0), 0); 14 > e; e++) A = A >>> 8 | A << 24, Z = Z >>> 8 | Z << 24, Z += S | 0, Z ^= e + 3261, A += D | 0, D = D << 3 | D >>> 29, A ^= S + 3261, D ^= A, S = S << 3 | S >>> 29, S ^= Z;
            return [D >>> 24 & 255, D >>> 16 & 255, D >>> 8 & 255, D >>> 0 & 255, A >>> 24 & 255, A >>> 16 & 255, A >>> 8 & 255, A >>> 0 & 255]
        },
        w, H = {
            passive: true,
            capture: true
        },
        J = this || self,
        PP = function(S, D, A, Z, e) {
            T(S, (((Z = (A = M((Z = (D &= (e = D & 4, 3), M(S)), S)), f(Z, S)), e) && (Z = cP("" + Z)), D) && T(S, t(Z.length, 2), A), Z), A)
        },
        Fn = function(S, D, A, Z) {
            function e() {}
            return Z = YX((A = void 0, S), function(p) {
                e && (D && lR(D), A = p, e(), e = void 0)
            }, !!D)[0], {
                invoke: function(p, V, R, h) {
                    function P() {
                        A(function(E) {
                            lR(function() {
                                p(E)
                            })
                        }, R)
                    }
                    if (!V) return V = Z(R), p && p(V), V;
                    A ? P() : (h = e, e = function() {
                        lR((h(), P))
                    })
                }
            }
        },
        lR = J.requestIdleCallback ? function(S) {
            requestIdleCallback(function() {
                S()
            }, {
                timeout: 4
            })
        } : J.setImmediate ? function(S) {
            setImmediate(S)
        } : function(S) {
            setTimeout(S, 0)
        },
        vP = function(S, D, A, Z) {
            Z = (A = M(D), M)(D), T(D, t(f(A, D), S), Z)
        },
        J4 = function(S, D) {
            if (D = (S = null, J.trustedTypes), !D || !D.createPolicy) return S;
            try {
                S = D.createPolicy("bg", {
                    createHTML: m2,
                    createScript: m2,
                    createScriptURL: m2
                })
            } catch (A) {
                J.console && J.console.error(A.message)
            }
            return S
        },
        v = function(S, D) {
            S.W = ((S.W ? S.W + "~" : "E:") + D.message + ":" + D.stack).slice(0, 2048)
        },
        N = function(S, D, A) {
            if (110 == D || 479 == D) S.D[D] ? S.D[D].concat(A) : S.D[D] = dx(A, S);
            else {
                if (S.s && 65 != D) return;
                161 == D || 486 == D || 476 == D || 239 == D || 207 == D ? S.D[D] || (S.D[D] = Ns(D, S, 86, A)) : S.D[D] = Ns(D, S, 17, A)
            }
            65 == D && (S.J = y(32, S, false), S.g = void 0)
        },
        yK = function(S, D, A, Z) {
            return f(64, (((Z = f(110, A), A.u) && Z < A.Y ? (N(A, 110, A.Y), Xn(A, D)) : N(A, 110, D), nb)(S, A), N(A, 110, Z), A))
        },
        B = function(S, D, A, Z, e, p) {
            if (A.X.length) {
                A.Wa = (A.S && 0(), D), A.S = true;
                try {
                    e = A.U(), A.G = e, A.i = e, A.h = 0, p = pb(A, D), Z = A.U() - A.i, A.F += Z, Z < (S ? 0 : 10) || 0 >= A.l-- || (Z = Math.floor(Z), A.H.push(254 >= Z ? Z : 254))
                } finally {
                    A.S = false
                }
                return p
            }
        },
        $X = function(S, D) {
            return D = m(S), D & 128 && (D = D & 127 | m(S) << 7), D
        },
        cP = function(S, D, A, Z, e) {
            for (A = Z = (e = (S = S.replace(/\r\n/g, "\n"), []), 0); A < S.length; A++) D = S.charCodeAt(A), 128 > D ? e[Z++] = D : (2048 > D ? e[Z++] = D >> 6 | 192 : (55296 == (D & 64512) && A + 1 < S.length && 56320 == (S.charCodeAt(A + 1) & 64512) ? (D = 65536 + ((D & 1023) << 10) + (S.charCodeAt(++A) & 1023), e[Z++] = D >> 18 | 240, e[Z++] = D >> 12 & 63 | 128) : e[Z++] = D >> 12 | 224, e[Z++] = D >> 6 & 63 | 128), e[Z++] = D & 63 | 128);
            return e
        },
        g = function(S, D, A, Z, e, p) {
            if (!A.s) {
                if (S = f(195, ((0 == (e = f(239, ((Z = void 0, S && S[0] === O) && (Z = S[2], D = S[1], S = void 0), A)), e.length) && (p = f(479, A) >> 3, e.push(D, p >> 8 & 255, p & 255), void 0 != Z && e.push(Z & 255)), D = "", S) && (S.message && (D += S.message), S.stack && (D += ":" + S.stack)), A)), 3 < S) {
                    A.j = (Z = (D = (S -= (D = D.slice(0, (S | 0) - 3), D.length | 0) + 3, cP)(D), A.j), A);
                    try {
                        T(A, t(D.length, 2).concat(D), 486, 9)
                    } finally {
                        A.j = Z
                    }
                }
                N(A, 195, S)
            }
        },
        YX = function(S, D, A, Z) {
            return (Z = b[S.substring(0, 3) + "_"]) ? Z(S.substring(3), D, A) : UY(S, D)
        },
        m2 = function(S) {
            return S
        },
        M = function(S, D) {
            if (S.K) return S9(S, S.A);
            return D = y(8, S, true), D & 128 && (D ^= 128, S = y(2, S, true), D = (D << 2) + (S | 0)), D
        },
        c = function(S, D, A, Z, e, p, V, R, h) {
            if (((D.O += (V = (R = (h = (p = (Z || D.h++, 0 < D.v && D.S) && D.Wa && 1 >= D.B && !D.K && !D.o && (!Z || 1 < D.T - A) && 0 == document.hidden, e = 4 == D.h) || p ? D.U() : D.G, h) - D.G, R >> 14), D.J && (D.J ^= V * (R << 2)), V), D).j = V || D.j, e) || p) D.h = 0, D.G = h;
            if (!p || h - D.i < D.v - (S ? 255 : Z ? 5 : 2)) return false;
            return (N(D, (S = f((D.T = A, Z ? 479 : 110), D), 110), D.Y), D.X).push([rx, S, Z ? A + 1 : A]), D.o = lR, true
        },
        R7 = function(S, D) {
            return L[S](L.prototype, {
                document: D,
                call: D,
                prototype: D,
                propertyIsEnumerable: D,
                floor: D,
                pop: D,
                parent: D,
                replace: D,
                splice: D,
                stack: D,
                length: D,
                console: D
            })
        },
        K = function(S, D, A) {
            S[N(D, A, S), xX] = 2796
        },
        BP = function(S, D, A) {
            if ("object" == (D = typeof S, D))
                if (S) {
                    if (S instanceof Array) return "array";
                    if (S instanceof Object) return D;
                    if ("[object Window]" == (A = Object.prototype.toString.call(S), A)) return "object";
                    if ("[object Array]" == A || "number" == typeof S.length && "undefined" != typeof S.splice && "undefined" != typeof S.propertyIsEnumerable && !S.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == A || "undefined" != typeof S.call && "undefined" != typeof S.propertyIsEnumerable && !S.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == D && "undefined" == typeof S.call) return "object";
            return D
        },
        dx = function(S, D, A) {
            return (A = L[D.I](D.xE), A)[D.I] = function() {
                return S
            }, A.concat = function(Z) {
                S = Z
            }, A
        },
        UY = function(S, D) {
            return [(D(function(A) {
                A(S)
            }), function() {
                return S
            })]
        },
        I = function(S, D, A) {
            A = this;
            try {
                WP(this, S, D)
            } catch (Z) {
                v(this, Z), S(function(e) {
                    e(A.W)
                })
            }
        },
        Cb = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        a = [],
        U = [],
        O = {},
        rx = [],
        z = (I.prototype.uJ = (I.prototype.GH = void 0, I.prototype.Z = "toString", void 0), []),
        uR = [],
        Kb = [],
        xX = [],
        X = (I.prototype.MV = false, []),
        Lb = (((fb, Y, function() {})(sY), function() {})(o7), void 0),
        L = ((w = I.prototype, I.prototype).I = "create", O).constructor;
    I.prototype.N = ((w.L = function(S, D, A, Z, e) {
        if (A = "array" === BP(A) ? A : [A], this.W) S(this.W);
        else try {
            e = !this.X.length, Z = [], d(this, [z, Z, A]), d(this, [a, S, Z]), D && !e || B(true, D, this)
        } catch (p) {
            v(this, p), S(this.W)
        }
    }, w.rg = function() {
        return Math.floor(this.U())
    }, (w.NV = function(S, D, A, Z, e, p) {
        for (p = (Z = e = 0, []); e < S.length; e++)
            for (A = A << D | S[e], Z += D; 7 < Z;) Z -= 8, p.push(A >> Z & 255);
        return p
    }, w).YE = function(S, D, A) {
        return (D = (D ^= D << 13, D ^= D >> 17, (D ^ D << 5) & A)) || (D = 1), S ^ D
    }, w).U = ((w.gg = function(S, D, A, Z, e) {
        for (Z = e = 0; Z < S.length; Z++) e += S.charCodeAt(Z), e += e << 10, e ^= e >> 6;
        return e = new Number((e += e << 3, e ^= e >> 11, S = e + (e << 15) >>> 0, S & (1 << D) - 1)), e[0] = (S >>> D) % A, e
    }, window.performance) || {}).now ? function() {
        return this.Iy + window.performance.now()
    } : function() {
        return +new Date
    }, w.Es = function() {
        return Math.floor(this.F + (this.U() - this.i))
    }, function(S, D) {
        return D = (S = (Lb = function() {
                return D == S ? 23 : 41
            }, {}), {}),
            function(A, Z, e, p, V, R, h, P, E, x, u, W, Q, C, n) {
                D = (Q = D, S);
                try {
                    if (E = A[0], E == U) {
                        V = A[1];
                        try {
                            for (x = (R = 0, h = (P = [], atob(V)), 0); x < h.length; x++) p = h.charCodeAt(x), 255 < p && (P[R++] = p & 255, p >>= 8), P[R++] = p;
                            N(this, 65, [(this.u = P, this.Y = this.u.length << 3, 0), 0, 0])
                        } catch (l) {
                            g(l, 17, this);
                            return
                        }
                        nb(8001, this)
                    } else if (E == z) A[1].push(f(476, this).length, f(486, this).length, f(195, this), f(161, this).length), N(this, 64, A[2]), this.D[89] && yK(8001, f(89, this), this);
                    else {
                        if (E == a) {
                            this.j = (n = (W = t((f(161, (R = A[2], this)).length | 0) + 2, 2), this.j), this);
                            try {
                                u = f(239, this), 0 < u.length && T(this, t(u.length, 2).concat(u), 161, 10), T(this, t(this.O, 1), 161, 109), T(this, t(this[a].length, 1), 161), h = 0, Z = f(486, this), h -= (f(161, this).length | 0) + 5, h += f(427, this) & 2047, 4 < Z.length && (h -= (Z.length | 0) + 3), 0 < h && T(this, t(h, 2).concat(Y(h)), 161, 15), 4 < Z.length && T(this, t(Z.length, 2).concat(Z), 161, 156)
                            } finally {
                                this.j = n
                            }
                            if (((x = Y(2).concat(f(161, this)), x)[1] = x[0] ^ 6, x[3] = x[1] ^ W[0], x)[4] = x[1] ^ W[1], e = this.Xj(x)) e = "!" + e;
                            else
                                for (h = 0, e = ""; h < x.length; h++) C = x[h][this.Z](16), 1 == C.length && (C = "0" + C), e += C;
                            return f(161, (N(this, 195, ((f(476, (P = e, this)).length = R.shift(), f(486, this)).length = R.shift(), R.shift())), this)).length = R.shift(), P
                        }
                        if (E == rx) yK(A[2], A[1], this);
                        else if (E == X) return yK(8001, A[1], this)
                    }
                } finally {
                    D = Q
                }
            }
    }());
    var VK, Z_ = (I.prototype[uR] = [0, 0, 1, 1, 0, 1, 1], I.prototype.Us = (I.prototype.Xj = function(S, D, A, Z) {
            if (D = window.btoa) {
                for (A = (Z = 0, ""); Z < S.length; Z += 8192) A += String.fromCharCode.apply(null, S.slice(Z, Z + 8192));
                S = D(A).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else S = void 0;
            return S
        }, I.prototype.ti = 0, 0), /./),
        Tj = U.pop.bind(I.prototype[z]),
        h4 = ((VK = R7(I.prototype.I, (Z_[I.prototype.Z] = Tj, {get: Tj
        })), I.prototype).dg = void 0, function(S, D) {
            return (D = J4()) && 1 === S.eval(D.createScript("1")) ? function(A) {
                return D.createScript(A)
            } : function(A) {
                return "" + A
            }
        }(J));
    ((b = J.botguard || (J.botguard = {}), 40 < b.m) || (b.m = 41, b.bg = Fn, b.a = YX), b).HBW_ = function(S, D, A) {
        return A = new I(D, S), [function(Z) {
            return Ms(A, Z)
        }]
    };
}).call(this);
                                    

#5 JavaScript::Eval (size: 64, repeated: 1) - SHA256: 1fd69b8f0686d42ddd41501e73001c058475edeaf8efb5bb0c998e05177fcbb5

                                        0,
function(p, V, R) {
    N(p, (V = (R = (V = M(p), M(p)), p.D[V]) && f(V, p), R), V)
}
                                    

Executed Writes (0)



HTTP Transactions (59)


Request Response
                                        
                                            GET /sfqgk8axu8cb HTTP/1.1 
Host: megadb.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.67.68
HTTP/1.1 301 Moved Permanently
                                        
Date: Sun, 02 Oct 2022 19:19:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 02 Oct 2022 20:19:18 GMT
Location: https://megadb.net/sfqgk8axu8cb
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3XBxMCeNqmXYHDk21ijm7IEDQECAEuvzmbEbU%2B6flcrqiZNygpuc%2Fxp1LKCmfnCm10cGO72QfvgTW7vyeKaR8fIZpjDOCwNi1eYYoZSbTBrNqs2A4Xk0G9xlM%2Fh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 753fc9f70ef8b524-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8167
Expires: Sun, 02 Oct 2022 21:35:26 GMT
Date: Sun, 02 Oct 2022 19:19:19 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.165.201.83
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 19:03:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e963d9388521b938ab0c2d19e2400bee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: FbLvpBJUAKuutjf6E28dxYBZWuvkdfDRBkN5BZ_ot14vbhZyx8n3Gw==
Age: 965


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "7AAC17BE3346D7A5D144DB6994CF30EA4D77664AA0AE84D347ED1EE67804D83D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6872
Expires: Sun, 02 Oct 2022 21:13:51 GMT
Date: Sun, 02 Oct 2022 19:19:19 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         108.156.28.51
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 ee8862e43d7837ef5478becfe2eb7116.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: rr55j_Obog2foTIVHPr5EmQl9qixe0e9Rdow3fczJgen_IhPc1pFEA==
age: 56763
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:19 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.165.201.83
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 18:32:57 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 18:33:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: -n_sJkVwbAqTUYWsW3iq72gr9Tt1AtbmCIJph2TYxCNWc63nCfSY1A==
Age: 2786


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4315
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 19:19:19 GMT
Last-Modified: Sun, 02 Oct 2022 18:07:25 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 18nYRpb2okQyhDiHN+G2lA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.82.48.240
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PLOpfC+3wAGKy0L5AS2Vw03kI5U=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 19:19:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 19:19:21 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:45 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
age: 77076
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4987
Md5:    463bdcfbec5426e18ecef83b1c373b71
Sha1:   2e533332ee5c49143e58dad32ee3717a39179532
Sha256: 2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1526ec30-d948-4741-bb43-1e4c0afdc4d7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14117
x-amzn-requestid: adb8a06b-48c2-4805-90ed-1db82d873d49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpmFdjoAMFY_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-7f09d2c748de72ca663022df;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awdd8Vr7y-2zR0OTFdMb8PnD2XDg6hsS736tOIH_c5AVOwOSik1zPQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:13 GMT
age: 77528
etag: "f73cabc101017a4af09e675ca9262774c177d16a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14117
Md5:    fbddbe1f7958f13b80e50ab39094b9ab
Sha1:   f73cabc101017a4af09e675ca9262774c177d16a
Sha256: ebbe6a54e5c390f49452d0afd55899f4dec3836451906945c79bbf165e4e0724
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7314
x-amzn-requestid: ba9e3b47-d9dd-49c1-9645-bac582351957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnGqOoAMFUTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-0604dff004a5f6364f0fe11c;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YIlHaBRTk6SiYb8HYfirSHj_stXgWp455OC-J5mRoKH0r42pn9mNeQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:36 GMT
etag: "e06bd8868eff8c42f5d2e2deec9a361170c8d3ea"
age: 77145
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7314
Md5:    ef85af3ef63e35a54bc15fbca5d7236b
Sha1:   e06bd8868eff8c42f5d2e2deec9a361170c8d3ea
Sha256: 0291104bb66ac4849ac5fd433fdf9cbbc7f4a2fcaa1f137aca08be2a4878f54c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:23 GMT
age: 77518
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9340
Md5:    6047192460abf4afd600948abb5e6ee1
Sha1:   6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
Sha256: d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 52662
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
age: 77146
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11083
Md5:    edded48f558f739287a040151349ef67
Sha1:   d63b6ba630736d32c364b0e6a369274b2389b7ff
Sha256: 33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "7AAC17BE3346D7A5D144DB6994CF30EA4D77664AA0AE84D347ED1EE67804D83D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6870
Expires: Sun, 02 Oct 2022 21:13:51 GMT
Date: Sun, 02 Oct 2022 19:19:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5394
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 19:19:23 GMT
Last-Modified: Sun, 02 Oct 2022 17:49:29 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5394
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 19:19:23 GMT
Last-Modified: Sun, 02 Oct 2022 17:49:29 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5394
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 19:19:23 GMT
Last-Modified: Sun, 02 Oct 2022 17:49:29 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 19:19:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Sun, 02 Oct 2022 19:19:23 GMT
date: Sun, 02 Oct 2022 19:19:23 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (850), with no line terminators
Size:   555
Md5:    e75e7b4c9bf71c4a14d5e1d1946b161a
Sha1:   36148f31ea702a23a3f0dafd907a9069234021e7
Sha256: e43b40968f165ec7b121020103aa40529d891aa2d03ead26ed47adefc4d6ab6d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 19:19:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "813DA8BBFC3D126718E3264728B3F384609812A93924A54E9BEF0161E4EB7ECD"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19671
Expires: Mon, 03 Oct 2022 00:47:15 GMT
Date: Sun, 02 Oct 2022 19:19:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "72A885423CE3702633D7C7D2E57F720CD5C9244D6DF1612C8418970F3CDB93EF"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11360
Expires: Sun, 02 Oct 2022 22:28:44 GMT
Date: Sun, 02 Oct 2022 19:19:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B284A02E0EB364ADACFC91984181F8F0918596B5FEDABD34ADD0EE59E4542931"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10912
Expires: Sun, 02 Oct 2022 22:21:16 GMT
Date: Sun, 02 Oct 2022 19:19:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A6DF1ADEEB9CCE8042BEAADE4A80B1DBD32C5426DC1162188178C73B5E51AEE"
Last-Modified: Sun, 02 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1816
Expires: Sun, 02 Oct 2022 19:49:40 GMT
Date: Sun, 02 Oct 2022 19:19:24 GMT
Connection: keep-alive

                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.194.45
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 02 Oct 2022 19:19:24 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5264
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShE4TVRnWKzw3QKoqncBtBdPlrkTSCtj1yOCjMvzXjq0EvYOdtjnS9ziuPIzV7ArRlZLbYvqumIp%2BbaYncvluznS4kMckCVL7YEMdiiOC401zSOyIgdSjY4j2iA5LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fca1b1b270b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (32771), with no line terminators
Size:   12724
Md5:    35c463ced8933d46699f74b9bf3f1c99
Sha1:   2576e95d852699244108e9a52fb49e441e72cdcc
Sha256: 6d9f731482c3c3163415a3cec2e00075c227d9d839e67c5d4168ff1af6581b23
                                        
                                            GET /1?z=4909538 HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:24 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 35437f1883591d1ada5f3ffc7bc47e7e
access-control-expose-headers: X-Sc
x-sc: lPK3L_bmQq5yP_Q3YD-0bGhYzp3bzBiNEi4QQC76u7Z9EoZp149ysJ2jXWui78xwjqUwVCVU8YGnLM2PaWJVdsYphq0=
set-cookie: scm=1; expires=Mon, 02 Oct 2023 19:19:24 GMT; secure; SameSite=None OAID=78c6367ed2a145d784612fcdc43a48b5; expires=Mon, 02 Oct 2023 19:19:24 GMT; secure; SameSite=None oaidts=1664738364; expires=Mon, 02 Oct 2023 19:19:24 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7767)
Size:   3555
Md5:    bf81062b246600e0f3d065091811085a
Sha1:   25b796b405906d4fa459bdff1a7ffc80b13e1375
Sha256: 0c64ba031c9e1137e35443bda5ae589fc250830674581f46dd1260bbe08f7b82
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 19:19:25 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 18:25:21 GMT
Expires: Thu, 06 Oct 2022 18:25:20 GMT
Etag: "dc78dc227b42d1d4967d64c81374693440bf3f4f"
Cache-Control: max-age=341754,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 753fca1cc8bbb4ed-OSL

                                        
                                            GET /gid.js HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-length: 65
access-control-allow-origin: https://megadb.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c2d22663ab7645a2878397765fb7f08c; expires=Mon, 02 Oct 2023 19:19:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    6d3faa0b192e6b85722a77c8e37965d9
Sha1:   05e54262ae2b4067fe43ee5d90944126aaad2cc0
Sha256: 1f9d2a0762c24aa029dbd7c97aad49bdd263df587b67a798579563ca87f42d1b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 19:19:25 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 12:52:18 GMT
Expires: Thu, 06 Oct 2022 12:52:17 GMT
Etag: "49d78923340dd0afa2d8eaadb8aa32bb14c0b6b3"
Cache-Control: max-age=321771,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 753fca1c8fcdfac4-OSL

                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: fleraprt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megadb.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megadb.net
Content-Length: 1756
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.254
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Sun, 02 Oct 2022 19:19:45 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://megadb.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /500/4779551?excludes=&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://megadb.net/
Origin: https://megadb.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://megadb.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Cookie: scm=1; OAID=78c6367ed2a145d784612fcdc43a48b5; oaidts=1664738364
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:24 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65523)
Size:   131245
Md5:    369181a44ab40b3cc2510921246c5f4c
Sha1:   ffcd2eea059c0aaba575bf0b397f89c81f83e802
Sha256: d064fbc3c4aa4abe30d92bbdf1ec17c20c900b730ddac549f35e762bec33717b
                                        
                                            GET /500/4888955?excludes=&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: goomaphy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Cookie: OAID=c5bdd2784a904ae69a889e18b2aac57c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
x-trace-id: ca6bcf909a84e8cd04e9d19c105cb3bc
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://megadb.net
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c2d22663ab7645a2878397765fb7f08c; expires=Mon, 02 Oct 2023 19:19:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   77223
Md5:    f3d57919686eb22abf7f5fda5d000ab3
Sha1:   c880a5109e41f3d03d8ae39667ee94b70acb59dc
Sha256: 0b6b0f07ec653a0b52f59a04c2db799e6cb5595404a1784709e65e2d910172ee

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /500/4779551?excludes=&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Cookie: OAID=c8baf133358a4546982a3a51805cbe08
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
x-trace-id: dbe76f61059ad0b4a602f11803cd7d46
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://megadb.net
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c2d22663ab7645a2878397765fb7f08c; expires=Mon, 02 Oct 2023 19:19:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   24282
Md5:    c40af3de5f73794d9d1ae23b6e520bd7
Sha1:   c7824a77bd70354bd97ec4b4bc48f5490a74b4d4
Sha256: 443c043683fffe6493b8e34b4f29a9b62b9a5381cf633d58fa746188a3593739
                                        
                                            OPTIONS /9?z=4909538&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegadb.net%2Fdownload&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=c2d22663ab7645a2878397765fb7f08c HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://megadb.net/
Origin: https://megadb.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megadb.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /9?z=4909538&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmegadb.net%2Fdownload&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=c2d22663ab7645a2878397765fb7f08c HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 153
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Cookie: scm=1; OAID=78c6367ed2a145d784612fcdc43a48b5; oaidts=1664738364
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://megadb.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e2fca066498a769a8459f45560d224c6
access-control-expose-headers: X-Sc
set-cookie: OAID=c2d22663ab7645a2878397765fb7f08c; expires=Mon, 02 Oct 2023 19:19:25 GMT; secure; SameSite=None oaidts=1664738364; expires=Mon, 02 Oct 2023 19:19:25 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    a97eb6fbe6f13b601d5d48c0eba8baae
Sha1:   736efb938caf3d0edec406932ada889f1a4f2268
Sha256: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
                                        
                                            GET /impression/WsKIMFI5XuBsG7fFTtDlEOal2x04MkkgJik4dyiFMV3dYaEOC9U7wz4-IS0luzAeyhC-yt-bv2dZhAun-D6jrmr6pYXTLoMCNYOc3g0De7giJgJmIP8r3CBW1we3qaJixYDqeWtlNDDGZapgCkvnPQxlAdIMqel8Vm-OrFBFCupFHzzjwqEC-ck1kXecb1AzhQyP9bePm2viTug6_HiIGlUd7UsHPCiZyim2HuUdZ83T7ZhN1DDY5wXSFqGbRCYqUWK_MSBJyP8nBowopzqR9UmuCD8n1Gop_DGUQLjSKP8kVU0wyYTl0oy9CUZFRMCs7_DoNz6to2xZEbuacKYIHGFwG-XdUKlvWrQfGFVOP9yu2quDZJBU8wdIDe-xp5jRt1w35MRXmJ3RO42Po7YDEvXG7iR1HT1iGBCbBhB1RPkgkV13tlSKt3Z2zBbCv-_YcX32sRUQGRWU04jV47QWxdwUHLLnNpVo53hVUNi8Fs5Fq7JBDsNOKogvz1NB-7QUJUuFB3P9jB1prT9ePzbd9TdHX6-yjLKWCmwR0a42TpRqo8XjC9H1PyeB3MfHktjm8X4pPJhh-IFRMeKTAmImyQ4Gvlcp1lN6mL5zZoevpmjCp46GYym8JD5S2JjeMG0XWdRQo6WUUJaKSsMY?_z=4779551&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Cookie: OAID=c2d22663ab7645a2878397765fb7f08c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-length: 43
x-trace-id: 7bddff6cca0c1032893b449daca57520
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11994
Md5:    a8365817fed5360ae3c0a03fe59d82ca
Sha1:   4f10bdb062bfb791b46911c31d21bd4779b39d74
Sha256: 1958d8512ac53186ef9e8920713611ff66281906568f4a7fbadcf80fcf195c0f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 19:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 19:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.104
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 02 Oct 2022 18:17:11 GMT
expires: Sun, 02 Oct 2022 20:17:11 GMT
cache-control: public, max-age=7200
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
age: 3734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:31 GMT
expires: Sun, 01 Oct 2023 01:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
age: 152034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (711)
Size:   158844
Md5:    b4ed95d4318e3b78b936c9c0f1ffa96e
Sha1:   b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
Sha256: 3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 19:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 19:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /500/4779551?excludes=14745758&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://megadb.net/
Origin: https://megadb.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://megadb.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.22.32.172
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 02 Oct 2022 19:19:26 GMT
content-length: 13449
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6231b480-3489"
expires: Mon, 03 Oct 2022 13:43:03 GMT
last-modified: Wed, 16 Mar 2022 09:57:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 20182
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fca238d6e98eb-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size:   13449
Md5:    375d4eace3e9692bfe2fc21648f4c59a
Sha1:   57ef9b8278b63d567eab92b8607b68cee29071b8
Sha256: 46005b3961515220591e6df79d2713774deb57a082dda8162c3d182bcad3aa1b
                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 110848
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size:   15344
Md5:    5d4aeb4e5f5ef754e307d7ffaef688bd
Sha1:   06db651cdf354c64a7383ea9c77024ef4fb4cef8
Sha256: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
                                        
                                            GET /download HTTP/1.1 
Host: megadb.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: file_code=sfqgk8axu8cb; lang=english
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         104.21.67.68
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sun, 02 Oct 2022 19:19:23 GMT
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sat, 01 Oct 2022 19:19:23 GMT
set-cookie: aff=2; domain=.megadb.net; path=/; expires=Sun, 16-Oct-2022 19:19:23 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Det6gXBarXIVFhC23pOcSYLGJ6d%2BPfWYQ%2BnGaE4hEnxw0EDYo1JeeExZPb0S%2F1DEgqdyClwvSkDcIbeVE3lGQSmIom8NGb3fXzDYwLEZxaIh89FBNIAp6lPf%2FBT%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 753fca05bc2eb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Sun, 02 Oct 2022 19:19:23 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/03/2021 14:28:52
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d0c272812b6b417496670ded5cc7e53a
cdn-cache: HIT
cf-cache-status: HIT
age: 10163680
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 753fca14aad50b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.1.1/css/v4-shims.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.133.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 02 Oct 2022 19:19:23 GMT
x-amz-id-2: X2MspkU322QTS1GU3Jo4f5a2Asc8lvw/0+KqaHNn71uqHUoLmnY+4cw//nqEoaJp6Ve594YQLAI=
x-amz-request-id: 12P8BHJ25NHBWV4F
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"01727b5056f65c2ac938f5db4e552b10"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2222538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yInBykekGwAKSY0rTwoa%2FI5y0pwOzkP58vXjQHXqtxzEE0FP5T8aig5cQM%2F%2FSG6aWVmKYt%2BIMUi5c9Prwb1EAkuagtNnLQjGslVaTE1KCrzXJN%2FVY5PJBsjlcFUPayIkvAfVjGk9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fca14eac706c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sfqgk8axu8cb HTTP/1.1 
Host: megadb.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.21.67.68
HTTP/2 302 Found
                                        
date: Sun, 02 Oct 2022 19:19:21 GMT
location: https://megadb.net/download
set-cookie: file_code=sfqgk8axu8cb; domain=.megadb.net; path=/; expires=Sun, 02-Oct-2022 20:19:21 GMT lang=english; domain=.megadb.net; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJGr%2F6Oqvjnda5AdwKJXskujhFq4YjihDsg%2Fl4H3VmGOUXp8RyHJaAfPKMkt47B4D1EB23k9quyGBAgscnDxfjjuXWKNBv5phdLctlRJxHhiBQjk%2Fd9oj4dLgrzH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 753fc9f8ae50b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Sun, 02 Oct 2022 19:19:23 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 10179962
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 753fca149fddb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.1.1/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.133.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 02 Oct 2022 19:19:23 GMT
x-amz-id-2: JDlpBDjOLEQJoLbpDpgEHFkbnXUVRFlWa8Ng8VyJW5AxfPFcaV0TrF/+uXO4BuVx3Dku9v+ENVU=
x-amz-request-id: K7K1RQ1C3WW22NV6
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"597b70b2ce6b1483f72526c906918fe9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2222538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYgixPKkfkbjilLrgesEN4l0Ie5zk%2B7Cy3KKji7okQCRFvN1hcJko%2F%2FwCLfF6t25LyaxraP13axti%2BFu1oRu65ukB8qxj1WdiQd2BhXG5M0nU4GfzFZPZyTG2JfOO9KUa8f7otyD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753fca14eac006c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /400/4888955 HTTP/1.1 
Host: goomaphy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:24 GMT
x-trace-id: d904ec6e7c9798c2de22cfa5f5e5e335
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c5bdd2784a904ae69a889e18b2aac57c; expires=Mon, 02 Oct 2023 19:19:24 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /400/4779551 HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megadb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:24 GMT
x-trace-id: 9dd6058b2d7044ac77ec10867bd6f11d
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c8baf133358a4546982a3a51805cbe08; expires=Mon, 02 Oct 2023 19:19:24 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /500/4779551?excludes=14745758&oaid=c2d22663ab7645a2878397765fb7f08c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fmegadb.net%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://megadb.net
Connection: keep-alive
Referer: https://megadb.net/
Cookie: OAID=c2d22663ab7645a2878397765fb7f08c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 02 Oct 2022 19:19:25 GMT
x-trace-id: 23ab5f95b9cc47ef39a52dfdc49b7b67
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://megadb.net
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c2d22663ab7645a2878397765fb7f08c; expires=Mon, 02 Oct 2023 19:19:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---