Overview

URL df2dmg1qbvzh1k.xyz/
IP 216.18.208.202 (United States)
ASN #18450 WEBNX
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-11-27 14:54:47 UTC
IDS alerts 0
Blocklist alert 69
urlquery alerts No alerts detected
Tags None

Domain Summary (11)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-27 05:29:56 UTC 34.102.187.140
df2dmg1qbvzh1k.xyz (59) 0 2022-09-10 14:57:56 UTC 2022-09-11 20:16:19 UTC 216.18.208.202 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-27 05:29:57 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.162.125.72
fonts.gstatic.com (2) 0 2014-09-09 00:40:21 UTC 2022-11-27 05:33:29 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
r3.o.lencr.org (4) 344 No data No data 23.36.76.226
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.pki.goog (3) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
readed-staistiny.com (1) 200085 2018-11-12 16:31:37 UTC 2022-11-25 22:03:45 UTC 18.193.146.82

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-27 2 df2dmg1qbvzh1k.xyz/ Phishing
2022-11-27 2 df2dmg1qbvzh1k.xyz/?type=really Phishing
2022-11-27 2 df2dmg1qbvzh1k.xyz/index_files/js Phishing
2022-11-27 2 df2dmg1qbvzh1k.xyz/index_files/prognroll.js.%E4%B8%8B%E8%BC%89 Phishing
2022-11-27 2 df2dmg1qbvzh1k.xyz/index_files/dr-dtime.min.js.%E4%B8%8B%E8%BC%89 Phishing
2022-11-27 2 df2dmg1qbvzh1k.xyz/index_files/css2 Phishing
2022-11-27 2 df2dmg1qbvzh1k.xyz/index_files/jquery.min.js.%E4%B8%8B%E8%BC%89 Phishing
2022-11-27 2 df2dmg1qbvzh1k.xyz/index_files/pri4.jpeg Phishing
2022-11-27 2 df2dmg1qbvzh1k.xyz/index_files/pri3.jpeg Phishing
2022-11-27 2 df2dmg1qbvzh1k.xyz/index_files/loss34.jpeg Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-27 2 df2dmg1qbvzh1k.xyz Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 216.18.208.202
Date UQ / IDS / BL URL IP
2023-01-29 08:28:59 +0000 0 - 0 - 2 dk7dntq0zog2qy0.xyz/ 216.18.208.202
2023-01-29 08:28:42 +0000 0 - 0 - 3 dk5bfvwz3ea30g.xyz/ 216.18.208.202
2023-01-28 20:45:26 +0000 0 - 0 - 7 du2bbltobc1ehr.xyz/ 216.18.208.202
2023-01-28 16:11:56 +0000 0 - 0 - 69 df2bh6uh5smvhk.xyz/ 216.18.208.202
2023-01-27 20:02:33 +0000 0 - 65 - 5 xqn1dn88hfupak.life/ 216.18.208.202


Last 5 reports on ASN: WEBNX
Date UQ / IDS / BL URL IP
2023-01-29 08:28:59 +0000 0 - 0 - 2 dk7dntq0zog2qy0.xyz/ 216.18.208.202
2023-01-29 08:28:42 +0000 0 - 0 - 3 dk5bfvwz3ea30g.xyz/ 216.18.208.202
2023-01-29 03:59:29 +0000 0 - 1 - 1 zian.com.tw/1234/dhl/source/index.php?email=n (...) 64.185.234.132
2023-01-28 20:45:26 +0000 0 - 0 - 7 du2bbltobc1ehr.xyz/ 216.18.208.202
2023-01-28 16:11:56 +0000 0 - 0 - 69 df2bh6uh5smvhk.xyz/ 216.18.208.202


Last 1 reports on domain: df2dmg1qbvzh1k.xyz
Date UQ / IDS / BL URL IP
2022-11-27 14:54:47 +0000 0 - 0 - 69 df2dmg1qbvzh1k.xyz/ 216.18.208.202


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-28 16:11:56 +0000 0 - 0 - 69 df2bh6uh5smvhk.xyz/ 216.18.208.202
2023-01-21 03:44:41 +0000 0 - 0 - 69 xf5dkqdj7xyg21.xyz/ 216.18.208.202
2023-01-21 02:38:08 +0000 0 - 0 - 69 xf5ddcsbvw33i0.xyz/ 216.18.208.202
2023-01-20 16:35:12 +0000 0 - 0 - 10 df5adtr7ccxz79.xyz/ 23.94.41.173
2023-01-09 03:47:24 +0000 0 - 0 - 68 df1bto5vlbdx3ai.xyz/ 216.18.208.202

JavaScript

Executed Scripts (11)

Executed Evals (1)
#1 JavaScript::Eval (size: 63) - SHA256: 7beb7938591dd375a15a478331d461a56e9e6dc2460a2b886ecdc3e163d11d88
setTimeout(function() {
    window.location.href = '?type=really'
}, 500)

Executed Writes (2)
#1 JavaScript::Write (size: 11) - SHA256: 4c799bc5427ef303f67617b0936a6d134198379c8708e717cdabff14efe7aa1f
27 Novembre
#2 JavaScript::Write (size: 27) - SHA256: 8bfd022d662d77bf447b46c4da1d4a36b9f34afcb48f0a5aa2dae32532ff5fab
Dimanche, Novembre 27, 2022


HTTP Transactions (82)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4467
Expires: Sun, 27 Nov 2022 16:09:03 GMT
Date: Sun, 27 Nov 2022 14:54:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5996
Cache-Control: max-age=162993
Date: Sun, 27 Nov 2022 14:54:36 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:11:09 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 14:19:23 GMT
cache-control: public,max-age=3600
age: 2113
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            GET / HTTP/1.1 
Host: df2dmg1qbvzh1k.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         216.18.208.202
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 14:54:36 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   168
Md5:    b7949a2c2cec5d0fc76270710f132d4e
Sha1:   a51a1a70d14193182bc1cca339efbf805da63a34
Sha256: 0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6242
Expires: Sun, 27 Nov 2022 16:38:38 GMT
Date: Sun, 27 Nov 2022 14:54:36 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 2NBzSIrGx++dsWiybQ4tD7eSgWcU8u4I2AMZNPX7pyH2pbA1YbYTX6Pk/LPJjStm25YZx7ULA30k2FGoOB744w==
x-amz-request-id: 3NTD38BW8Z6CMPAD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 14:44:40 GMT
age: 596
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 27 Nov 2022 14:54:36 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: df2dmg1qbvzh1k.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/

                                         216.18.208.202
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 14:54:36 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   168
Md5:    b7949a2c2cec5d0fc76270710f132d4e
Sha1:   a51a1a70d14193182bc1cca339efbf805da63a34
Sha256: 0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 14:11:12 GMT
cache-control: public,max-age=3600
age: 2605
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5055
Cache-Control: max-age=156990
Date: Sun, 27 Nov 2022 14:54:37 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:31:07 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /?type=really HTTP/1.1 
Host: df2dmg1qbvzh1k.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/
Upgrade-Insecure-Requests: 1

                                         216.18.208.202
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Sun, 27 Nov 2022 14:54:37 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17387


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (390)
Size:   17387
Md5:    9ca4651f038fb84693e350ac734e8a29
Sha1:   e0622adc3a493185ef5f9cdac75266a93cb4baba
Sha256: 6aa976e91ad5c941a59d23a9688c09cdba7427938e30a7482f47f2e188a856c8

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: alAAlUkg9COLkLbHMhgPvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         35.162.125.72
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nBTVhlYxgnYFHqhE2vU44qS7Pjg=

                                        
                                            GET /index_files/js HTTP/1.1 
Host: df2dmg1qbvzh1k.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

                                         216.18.208.202
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 27 Nov 2022 14:54:37 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   168
Md5:    b7949a2c2cec5d0fc76270710f132d4e
Sha1:   a51a1a70d14193182bc1cca339efbf805da63a34
Sha256: 0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /index_files/prognroll.js.%E4%B8%8B%E8%BC%89 HTTP/1.1 
Host: df2dmg1qbvzh1k.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

                                         216.18.208.202
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 27 Nov 2022 14:54:37 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:48:00 GMT
ETag: "5e6-5ed829aab4400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 557


--- Additional Info ---
Magic:  ASCII text, with very long lines (417)
Size:   557
Md5:    4862866b401f9794fd0cbdb53a94260b
Sha1:   d86c74fbced410a8e4ffeb85930b4ea03db79ee1
Sha256: 1527a1f1af051bd5dd8f052d582072fd611bfe1bc79310f0aa6aad30050d15ee

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /index_files/dr-dtime.min.js.%E4%B8%8B%E8%BC%89 HTTP/1.1 
Host: df2dmg1qbvzh1k.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

                                         216.18.208.202
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 27 Nov 2022 14:54:37 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:31 GMT
ETag: "2b76-5ed8298f0c2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4376


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (9616), with CRLF line terminators
Size:   4376
Md5:    3441a02aafe56d944a09fcbfaf6c9ce2
Sha1:   b54d2cba99626938227bc3cb7fb436ceda75875a
Sha256: f6a3d7d660a7e24b3790503ec49d95aca17eeaaa29b81fed7ee5782a4b55145d

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /index_files/css2 HTTP/1.1 
Host: df2dmg1qbvzh1k.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

                                         216.18.208.202
HTTP/1.1 200 OK
                                        
Date: Sun, 27 Nov 2022 14:54:37 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:31 GMT
ETag: "118e-5ed8298f0c2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 615


--- Additional Info ---
Magic:  ASCII text
Size:   615
Md5:    59558a6c9f4a960ae266991a42fd8e65
Sha1:   851c4418443f62bba0ac66422c7f241e85c99adf
Sha256: 9e01a752e68c29866c179331921b4947203dd52672e01a314d51895f1a0f39b9

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /index_files/index_files_index.css HTTP/1.1 
Host: df2dmg1qbvzh1k.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

                                         216.18.208.202
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 27 Nov 2022 14:54:37 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:53 GMT
ETag: "6971-5ed829a407440-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4476


--- Additional Info ---
Magic:  ASCII text, with very long lines (1029), with CRLF line terminators
Size:   4476
Md5:    72661697f04f259b0a8e212c4f22446c
Sha1:   0f49d8c928e7659e79393e0d7885e2d01d6d6cc7
Sha256: 3174c41fa23ab1cffe3a1d5e54f126f6bb6b930406bf0abdf64a206a74d8dbc1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /index_files/jquery.min.js.%E4%B8%8B%E8%BC%89 HTTP/1.1 
Host: df2dmg1qbvzh1k.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

                                         216.18.208.202
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 27 Nov 2022 14:54:37 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:56 GMT
ETag: "15851-5ed829a6e3b00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30677


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30677
Md5:    c65598a79e692c79f732ea0b099f9da7
Sha1:   5459de784144478c4a5088437bf5da4690dbae5f
Sha256: 653cc57da3a15e7ba824119d448c287f3c1a9a0afb400970ed3658d48765984a

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /index_files/index_files_template.css HTTP/1.1 
Host: df2dmg1qbvzh1k.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

                                         216.18.208.202
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 27 Nov 2022 14:54:37 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:55 GMT
ETag: "6d81-5ed829a5ef8c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12780


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (9743), with CRLF line terminators
Size:   12780
Md5:    bf2e840774d604a3b9556df1bccd1829
Sha1:   defa354cfc8108da19577ddcccd1d07f6934fd1a
Sha256: 5ec1f1d6153cadd1bfb495c48fe5c556ef28f759a10c27425a19daf99640e6e8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 14:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 14:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://df2dmg1qbvzh1k.xyz
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:05:10 GMT
expires: Tue, 21 Nov 2023 21:05:10 GMT
cache-control: public, max-age=31536000
age: 496168
last-modified: Mon, 09 May 2022 19:47:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23948, version 1.0\012- data
Size:   23948
Md5:    aeb92e524ca62170347fa63974605767
Sha1:   1e10bfbd720481e42035a5469d7ce8fc51d34aab
Sha256: 25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
                                        
GET /s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://df2dmg1qbvzh1k.xyz
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:05:18 GMT
expires: Tue, 21 Nov 2023 21:05:18 GMT
cache-control: public, max-age=31536000
age: 496160
last-modified: Mon, 09 May 2022 20:10:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 27456, version 1.0\012- data
Size:   27456
Md5:    80becb8b7638756b35eebf31518f8904
Sha1:   ba154f44545a98796887a9b5cfd84d765d3d0c05
Sha256: a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
                                        
GET /d/.js?oref=http%3A%2F%2Fdf2dmg1qbvzh1k.xyz%2F&ourl=http%3A%2F%2Fdf2dmg1qbvzh1k.xyz%2F%3Ftype%3Dreally&opt=Scientific%20Institute%20of%20Dietetics&t=1669560877731 HTTP/1.1
Host: readed-staistiny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

18.193.146.82
HTTP/2 400 Bad Request
content-type: text/html
server: nginx
date: Sun, 27 Nov 2022 14:54:38 GMT
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   152
Md5:    d9bacc468aa23334526933389545e120
Sha1:   e26288b4bada404ce340ca72989f9f1193dc649c
Sha256: 0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /index_files/index_files_231dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:37 GMT
ETag: "c6a-5ed82994c5040"
Accept-Ranges: bytes
Content-Length: 3178


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 92x92, components 3\012- data
Size:   3178
Md5:    734bf4295477afcbb0982fef1e90afdd
Sha1:   f83dff59190b8ec26470d4b27813d2e38778e74f
Sha256: 157edd4fa7f3a885ebe03f7910b3fc2f986b40d84ebd06b88630d302e69171ee

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_komment7dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:53 GMT
ETag: "3a1-5ed829a407440"
Accept-Ranges: bytes
Content-Length: 929


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   929
Md5:    4357bdae640f3aba33bb1ef2fd007e7f
Sha1:   50f7869b68cd28d1b53b272d9207a49c1217ef7b
Sha256: f7a70ee80dcca7200a5856c185a3f995911683824f1680ccee7710b4f287ac42

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_27dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:38 GMT
ETag: "4e4-5ed82995b9280"
Accept-Ranges: bytes
Content-Length: 1252


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1252
Md5:    1f2d11ee3f9f8147c2cf67432bf7a9eb
Sha1:   32bb52e088899b6132a6e9be922b2600a2103e66
Sha256: 681c6ff2b6eb2eca0c65be642f57780724c9432126f7f5a817191ac72c52a3e7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_24dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:37 GMT
ETag: "4a6-5ed82994c5040"
Accept-Ranges: bytes
Content-Length: 1190


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1190
Md5:    0e3c8ba05e970e05d03004f746f46c76
Sha1:   217a534c7915e05d64aa1453bc2e393bde9c4dba
Sha256: 48a404220987be6ca1d0c27f2515ef7744aed424bc18e61fb2fa3b21a537f637

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/burger.png HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/png
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:30 GMT
ETag: "96-5ed8298e18080"
Accept-Ranges: bytes
Content-Length: 150


--- Additional Info ---
Magic:  PNG image data, 24 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size:   150
Md5:    6b4839cb1a76172902eaac1cd8be30b2
Sha1:   e7777371d5289e70d746366f2eda4775e4487386
Sha256: ab2072ca38e46cfdb5304ed7a2f5add4f22fe31ad16b427cf35dd77b718fff3c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/sec.png HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/png
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:48:00 GMT
ETag: "586-5ed829aab4400"
Accept-Ranges: bytes
Content-Length: 1414


--- Additional Info ---
Magic:  PNG image data, 165 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   1414
Md5:    b1817ec508b3c6a5cdfbf77563e904b5
Sha1:   e75956eb7d92730f4865320ab7219ff092f1358b
Sha256: 4a7f8ad01ca5771ddc9c3ee9c9ae3a156c0c1f9d57a558a05927879286907243

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_25dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:38 GMT
ETag: "c279-5ed82995b9280"
Accept-Ranges: bytes
Content-Length: 49785


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 605x401, components 3\012- data
Size:   49785
Md5:    8dc9a948571589fbf93aa1b3608647ae
Sha1:   bed9661afceea64f189ca647179771595c419a2d
Sha256: 16c2428b0ec5512de4eb9585dea91e9f76431c81de1e55e28845c904d18fe690

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_ob35dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:54 GMT
ETag: "11199-5ed829a4fb680"
Accept-Ranges: bytes
Content-Length: 70041


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 550x389, components 3\012- data
Size:   70041
Md5:    655cd367a14b363a19ab960cc099bb39
Sha1:   c9cdce68815c123a4455662ccd2aaa2d3206530a
Sha256: 93c11e98334c6832fff1eba77d56997e63a0c356632321ddf6834a6bc61d86b7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_top1dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:56 GMT
ETag: "1021f-5ed829a6e3b00"
Accept-Ranges: bytes
Content-Length: 66079


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1180x680, components 3\012- data
Size:   66079
Md5:    da9411a7daf9c540ad38fc1c23f1e837
Sha1:   a5ad9496ef3ed20b229106bbb653b0120aa2d58d
Sha256: 8ae6e3c4b72b5f285487f538aceaa7d0a89ab3173e05699cfcd26ffd36ebb050

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/mic1.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:57 GMT
ETag: "1045b-5ed829a7d7d40"
Accept-Ranges: bytes
Content-Length: 66651


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x700, components 3\012- data
Size:   66651
Md5:    ec40385053210ad3b736da7873b50ac9
Sha1:   3e0bee3a50fe2188c7c9296557c2296d498a8c79
Sha256: 0cba46590ff65d959d1d5312e138ffa409d3e08f1452888f1b17978c084fbdd3

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2228
Expires: Sun, 27 Nov 2022 15:31:46 GMT
Date: Sun, 27 Nov 2022 14:54:38 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2228
Expires: Sun, 27 Nov 2022 15:31:46 GMT
Date: Sun, 27 Nov 2022 14:54:38 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K2eKLQhrsCdd4ASsfEibRuZAYW4CpPTlO3fZs7xdoKrw1HBxfTGkEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
age: 61944
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10199
Md5:    2cd887044e91d7ed0f1a8d7119ff7dd0
Sha1:   ae8aa4ce6ddaccba771fe65446926b60fc5628da
Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K4mksi8EQxTxRXDqN-0iWJc-LmiI7joDX5xGmPb1HetziDj4mRCC7Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 05:53:37 GMT
age: 32461
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6883
Md5:    f7f16c0f8a8e710210ce77c0e4c1c2a2
Sha1:   590c34be54c9889eec4ff7993e070fda836f711f
Sha256: 4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
age: 61944
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7380
Md5:    76c00eceed956377d7469ef58b0815cb
Sha1:   97a135335f5b1b042adeb385718f8808cb78528b
Sha256: 81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9926
x-amzn-requestid: 4e2c72af-2cce-4740-9962-6a7f9e217272
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_cVCHwEoAMF3lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c7420-51c2e04b4fae5b576a679db5;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:02:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rZTk5ONMhQB66WF0VWIRmlTOdzEJO-NJVl4TCibzbH2fZXY_9Mx9kQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 18:42:19 GMT
age: 72739
etag: "3b349ac17a00d68875e64bee110ec85d07cffda2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9926
Md5:    892849386662d30042f01ab952a3ec14
Sha1:   3b349ac17a00d68875e64bee110ec85d07cffda2
Sha256: 893797d55f15081d45af7a31af9fefe106ace9ba236e9b113787d07ab416faf9
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
age: 61944
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8387
x-amzn-requestid: fc238ea9-0169-47fc-b92e-f12b3ee27c72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b433YGtOoAMFexg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d362-2f97c67a2e5f05b6746cf858;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:12:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: oMrdB0NUGe5CqTY7eFd3u8xaSy9TyDdOrf1awBikFJzm3jWreD2irQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 12:30:20 GMT
age: 8658
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8387
Md5:    4e97baa4851785eac92c719abf481c64
Sha1:   c32a57038d3cdbc514c9081c9938eca6a04fb481
Sha256: adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
                                        
GET /index_files/pri4.jpeg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:59 GMT
ETag: "164bf-5ed829a9c01c0"
Accept-Ranges: bytes
Content-Length: 91327


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 730x548, components 3\012- data
Size:   91327
Md5:    0e1aec37857c58dfd5b2116046c05d9d
Sha1:   d730362fece9d511126a712e7631aa9ddc2b521c
Sha256: 84417a4ca8438f602f8df03799d3c526aa84230a862f891f2e4107ac135e6285

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
GET /index_files/pri3.jpeg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:58 GMT
ETag: "12905-5ed829a8cbf80"
Accept-Ranges: bytes
Content-Length: 76037


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 679x487, components 3\012- data
Size:   76037
Md5:    fe61f839012d79e536bd0284d6114140
Sha1:   a364f61b3a36901b78985555b5d0c8133d2cd850
Sha256: ffb37f12b1a172b681f5a0054d35f08c682ef91e86ca3242d981210e319888d1

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
GET /index_files/loss34.jpeg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:57 GMT
ETag: "bf44-5ed829a7d7d40"
Accept-Ranges: bytes
Content-Length: 48964


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 730x548, components 3\012- data
Size:   48964
Md5:    c2af2b89060b25e9b45ebe360540f27b
Sha1:   68f67ac14b017928f71ab120311e7242e5b6b2cb
Sha256: aaff85f2a6faa2defa0c065467bdb417b177a2296a9b999dd57d3845f1a3507d

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
GET /index_files/index_files_img1dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:38 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:50 GMT
ETag: "d4e5-5ed829a12ad80"
Accept-Ranges: bytes
Content-Length: 54501


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x363, components 3\012- data
Size:   54501
Md5:    04fb0128d94ee7ec73356d6d5fe81db5
Sha1:   1b8e0ebf5d3ade5d683635e4f7ec7b4c09f9970c
Sha256: b39ba7f7113856ddc5792bedb6aec00fa5d8da843a667f8028c2836b02662783

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_img2dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:50 GMT
ETag: "6708-5ed829a12ad80"
Accept-Ranges: bytes
Content-Length: 26376


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 604x292, components 3\012- data
Size:   26376
Md5:    2a92eb2fb651d2ecc2036cc6cb5f54d6
Sha1:   152bfae160f58f5646b8e6ebfca69c611ee04852
Sha256: 40f3b3dff8933315cb0119ab982934ac64f57d159677cf999ab6eeb8ed526e24

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_img3dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:51 GMT
ETag: "d6f3-5ed829a21efc0"
Accept-Ranges: bytes
Content-Length: 55027


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x513, components 3\012- data
Size:   55027
Md5:    f50509afafbce629664bb8f8f0c7e8fd
Sha1:   adc09e246a76b8c5ea4b4570d2785965455c0ad6
Sha256: d7907c6010df19a0876c743a8167426ddcfb1f5089b88dda16189a898aa438b7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/checkmark-green-sm.png HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/png
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:30 GMT
ETag: "320-5ed8298e18080"
Accept-Ranges: bytes
Content-Length: 800


--- Additional Info ---
Magic:  PNG image data, 18 x 20, 8-bit colormap, non-interlaced\012- data
Size:   800
Md5:    c5b46ecb67a9fce24781bd440ef0d49d
Sha1:   396dc2ab6927d56b4da1a96eaa200f7903ecf47c
Sha256: bb87f9a8baf68a3ca10734f83ae49269140adce6f405ac9c3391b58950557a1f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/100-guarantee-seal-1_2.png HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/png
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:29 GMT
ETag: "20fd-5ed8298d23e40"
Accept-Ranges: bytes
Content-Length: 8445


--- Additional Info ---
Magic:  PNG image data, 150 x 132, 8-bit colormap, non-interlaced\012- data
Size:   8445
Md5:    65a9fb2ab38e8b753b02e080ad9cf604
Sha1:   5c0c099220723b5ddb8c2e025bc1f7c655d17996
Sha256: c933753f362af10c379a78ded6587bf009cff81745f17b5497d9655b55d75d3c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_doc-kz2-1dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:49 GMT
ETag: "64d7-5ed829a036b40"
Accept-Ranges: bytes
Content-Length: 25815


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 559x440, components 3\012- data
Size:   25815
Md5:    78003ab2c0fbe2cf5394f941e2957447
Sha1:   01e16cecc9fd76d646fec172b23f46c506939805
Sha256: a0a367bd3975d3f2b3d35175b0d58468c2657a13f6ff7dfadf58831b127d3cf9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_ob372dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:54 GMT
ETag: "899b-5ed829a4fb680"
Accept-Ranges: bytes
Content-Length: 35227


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 550x384, components 3\012- data
Size:   35227
Md5:    999bcead0b31a054ec84d75543a326f5
Sha1:   1ef6772dd45a4df20606dc4d1bdf80a117fc55ad
Sha256: 67e1602b3f9e30b97ba37fbcc459e48e830b742f3cc257004d74e897ee417495

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/product.png HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/png
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:59 GMT
ETag: "c44b-5ed829a9c01c0"
Accept-Ranges: bytes
Content-Length: 50251


--- Additional Info ---
Magic:  PNG image data, 787 x 550, 8-bit colormap, non-interlaced\012- data
Size:   50251
Md5:    0393a6114375b017f38f4010c5a39cbc
Sha1:   195c6918d40c7be9fc474d5b32950b01c46e574e
Sha256: e485dbc76805326fcda5bf2aeef202400fb8be98101389b8c865d3d3e0735028

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_img8dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:52 GMT
ETag: "5366-5ed829a313200"
Accept-Ranges: bytes
Content-Length: 21350


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 504x244, components 3\012- data
Size:   21350
Md5:    2dfc44344b619478aed5136afee552fe
Sha1:   a9e0252dee8066de39bc6092b5276d0eb7e20d6d
Sha256: fc927ec6d6628c7cc75438adbe90cf4b669b590123d1d428d93a3e7a21acee80

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_21dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:35 GMT
ETag: "954f-5ed82992dcbc0"
Accept-Ranges: bytes
Content-Length: 38223


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 487x454, components 3\012- data
Size:   38223
Md5:    496d7bff15f800cd27d114619bd2a100
Sha1:   23011c142a6666efbde9df984f402f72acd28475
Sha256: bf10accdb2860db2af7566fe58cb21ccb5e14b13b43b52260dd615ddbbddda8c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_107dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:32 GMT
ETag: "6c56-5ed8299000500"
Accept-Ranges: bytes
Content-Length: 27734


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 528x500, components 3\012- data
Size:   27734
Md5:    a452700876136a29e21bd4e153e3f3b7
Sha1:   ef770c7a8454d9eb0192ccf330f374b02adc2bc9
Sha256: af29fd1747f817f6550a28055116ec49155139fa0c269cae7c17524df75d4778

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_img9dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:52 GMT
ETag: "10558-5ed829a313200"
Accept-Ranges: bytes
Content-Length: 66904


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 606x673, components 3\012- data
Size:   66904
Md5:    5e0c27c9b8231cbd28d6a29217337c3c
Sha1:   84bee19d7da24a07247368810c12e6d36eb45122
Sha256: 777ba79b52a6fd33317aa50d2e4f054cea7127796615f185ca66cca1f2d26ba5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_1072dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:32 GMT
ETag: "8c93-5ed8299000500"
Accept-Ranges: bytes
Content-Length: 35987


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 528x337, components 3\012- data
Size:   35987
Md5:    fffcfb1ba48578444481c34f55f49da5
Sha1:   31f6c2aeaaba583e9c076e0a981fa3185cb832fa
Sha256: d1cdd707e15f054c02502223424730cc4d3a73cfab4b2eea8f70265e0adce73c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_300dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:39 GMT
ETag: "488-5ed82996ad4c0"
Accept-Ranges: bytes
Content-Length: 1160


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1160
Md5:    993a53c5522df94ca87f5459bc93f37b
Sha1:   1106e2521d57af71eda730fe23a0c368dbbaf404
Sha256: c26c960f28cfcc4480a6884b466335d5df0b68b7f0c3724fb285afbcfc62af7d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_223dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:36 GMT
ETag: "3fd-5ed82993d0e00"
Accept-Ranges: bytes
Content-Length: 1021


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1021
Md5:    41ab757312409ed79800e4a4b1d3b86d
Sha1:   3dae9ba467e00ab42679102120dd5f550148f67b
Sha256: a2d8c235d7416a4fb4954ea828d76bc82d43ad66b4c1873d750bf98358f2d33a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_30dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:44 GMT
ETag: "4c3-5ed8299b72000"
Accept-Ranges: bytes
Content-Length: 1219


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 64x64, components 3\012- data
Size:   1219
Md5:    f2656f14024917849002d82302f384a0
Sha1:   bb84e5188964eebe4f0ed4c2eae42834aedc5636
Sha256: 79dd3680f58b7abbe3ca83b284d6955599c0044d42d99b6a41ccbee28b64db4e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_201dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:39 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:34 GMT
ETag: "17efb-5ed82991e8980"
Accept-Ranges: bytes
Content-Length: 98043


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x800, components 3\012- data
Size:   98043
Md5:    b9c6cff31dd36947d4b2e2bb0cc891d2
Sha1:   0c2325c4cef2032f3bbc6baeff553c0a768262d6
Sha256: e2405681c9735063dbbb0d5ac1cbcde020160a40d7fdc471cfe7f837d95c6acd

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_28dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:39 GMT
ETag: "4e2-5ed82996ad4c0"
Accept-Ranges: bytes
Content-Length: 1250


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1250
Md5:    4c3bb1b178159e6113ad2406347eaacf
Sha1:   aadc4e6344809d01ec24a0c89d3acff900f0c862
Sha256: 6ab46939948c947f99c4faf1a522f6ada8cd9f4548fe8df0e28bb6289eb1d033

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_2233dlaxtgy.png HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/png
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:35 GMT
ETag: "16a57-5ed82992dcbc0"
Accept-Ranges: bytes
Content-Length: 92759


--- Additional Info ---
Magic:  PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Size:   92759
Md5:    763d6fd92a577770e39708277da4bc6f
Sha1:   594eefab04f907927a38cd32184a7b25b76f5609
Sha256: dc4df3e1cb96584229853e4a4977284199fa597f639ed1e33aa7281cf6977ecc

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_12_00100dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:34 GMT
ETag: "331-5ed82991e8980"
Accept-Ranges: bytes
Content-Length: 817


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   817
Md5:    38a856a56a2909344b7f332a0a76a80a
Sha1:   e5e2a41232cfb7a4fe0eda07f317157551217313
Sha256: edcbfa18fbafbe05a70f3dc9ec833ec8620fa722f37fac059829185edf1ff0d9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_302dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:40 GMT
ETag: "50c-5ed82997a1700"
Accept-Ranges: bytes
Content-Length: 1292


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size:   1292
Md5:    27c58a39a8d592d49f784d2cd8f2b8a9
Sha1:   2a9f381ed537d67662015b94f2be938a9d59d2e0
Sha256: 90071a64e5f5548ac868405216c9441810fcdf06c6d7979666b58704659154d0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_303dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:41 GMT
ETag: "534-5ed8299895940"
Accept-Ranges: bytes
Content-Length: 1332


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1332
Md5:    1d05ca2520c5bfd913f5f87ebf23f29e
Sha1:   fcd7624df8e5a4239b610359bc20f67acb5e4d58
Sha256: 6e80c0b1f6a49a98f82a76ec88508a7dc3e6f5a68a88852429b9f87bbf5e7db5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_304dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:41 GMT
ETag: "c61-5ed8299895940"
Accept-Ranges: bytes
Content-Length: 3169


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data
Size:   3169
Md5:    dc357479dc60777ba77b7335ee5f5bb9
Sha1:   8aa1aa255bcfa9a9ace9220097fca892194b575a
Sha256: f5d28dff1f9fe4dad5b4c29afbc55405eb1689130e479514c07526ba8191cae1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_307dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:43 GMT
ETag: "4ca-5ed8299a7ddc0"
Accept-Ranges: bytes
Content-Length: 1226


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1226
Md5:    e031944a17a7f14d1d8cc63af5863342
Sha1:   98f51a4d0bbc1c97b2ddef90de12e8ea318611f1
Sha256: c457ad47707b79d056c5c0cd6f7472bc9675250e9af66287cd0dfd687b07ab9b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_305dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:42 GMT
ETag: "4a6-5ed8299989b80"
Accept-Ranges: bytes
Content-Length: 1190


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1190
Md5:    c7bd1f13272000da45cf0b4a8f150956
Sha1:   bc5090427926ecfdbbb44e80e097ea1b5cdc7ae5
Sha256: 54bb639a13da8afebe5b08816860eb2ac057b9d46aab5eaf4a1557df2be1a467

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_308dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:43 GMT
ETag: "6f9-5ed8299a7ddc0"
Accept-Ranges: bytes
Content-Length: 1785


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x74, components 3\012- data
Size:   1785
Md5:    bae8e0014ada324e1c5f69a914193c1f
Sha1:   0cba70d1b9e4978a3ba4f6236b8d94d4159f5df6
Sha256: 556862126866d05b1563737aff79054162b08074b5fb5540ac8efcc0fb758097

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_314dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:46 GMT
ETag: "511-5ed8299d5a480"
Accept-Ranges: bytes
Content-Length: 1297


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1297
Md5:    e191757f84ec66956c91bab70431ab22
Sha1:   727563b18e5365d0a845ebfd6a88b4b5d8aeb611
Sha256: 8d668c6f5f477b6f4a6165b5ae30e1bff8483de45ddc90986d74d44843e7f460

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_312dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:45 GMT
ETag: "321-5ed8299c66240"
Accept-Ranges: bytes
Content-Length: 801


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 40x40, components 3\012- data
Size:   801
Md5:    6dd79075db09075c3ab6a53ccaef6024
Sha1:   d841b9e41a0eea59112aa63c4272215a595b8015
Sha256: 503a56457247aa221f5a15fc7e344f146ee0aa79fb9110f9b69617896fd50ae9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_310dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:45 GMT
ETag: "50e-5ed8299c66240"
Accept-Ranges: bytes
Content-Length: 1294


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1294
Md5:    ba3a4fb10b5a1b41b147c8dbaf04e200
Sha1:   29e28c199919e5fa8972a7002c75e1143f69fc88
Sha256: 1e1e44262dfd4f85a0de8395905fde8fc2d5bb968da6673503b2547f2d57a2d2

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_315dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:46 GMT
ETag: "3c5-5ed8299d5a480"
Accept-Ranges: bytes
Content-Length: 965


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   965
Md5:    b7ddf78074c19a092eeefbb541020ce4
Sha1:   6c3330523652e54fb1d07bd98e78fba14429e097
Sha256: fbb50aa76fad05ef789019de576cf4db385a55857f1ad6611f9e21cd6fdf2bbc

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_av6dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:47 GMT
ETag: "2f6-5ed8299e4e6c0"
Accept-Ranges: bytes
Content-Length: 758


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   758
Md5:    36eb50f3ce1e3245f28dfcb10df80394
Sha1:   867c952a8ffa81d5e2bb656ecfa2594cfaf65953
Sha256: 154368d5ffbdba901829d363ed1dd6e03d89c2926d928ced61e3079bcb7537a6

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_av50dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:47 GMT
ETag: "31f-5ed8299e4e6c0"
Accept-Ranges: bytes
Content-Length: 799


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   799
Md5:    a187cf633638ffe4e683bf1cf0077a1d
Sha1:   1b3be8f6cf52ed0a9449904227ccf9e87a3fa049
Sha256: 1d7369b5fb036d4ce81c28391d3cdb170845de994ba47872c724cb57f6ad314f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_av7dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:48 GMT
ETag: "469-5ed8299f42900"
Accept-Ranges: bytes
Content-Length: 1129


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1129
Md5:    39f65ad4915beb0bbdf5b8197a98a18a
Sha1:   1e36b8660cdc0b782f37625ca44ebdadb8da483e
Sha256: d1326e5c5f0f30d143ff92794daca1da266037455074f5db154ff004ce9034f2

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_av8dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:41 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:49 GMT
ETag: "7bf-5ed829a036b40"
Accept-Ranges: bytes
Content-Length: 1983


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3\012- data
Size:   1983
Md5:    fcf43b35d0018afa6a84539c98ff3c59
Sha1:   a79991996617c8bb86782b0c8e4563c2f6de139d
Sha256: b7afda787d7c02b2bae3156cae43f2ecc3a8e4ba87b5616d6d61d035c577d1d8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_1111dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:41 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:33 GMT
ETag: "525-5ed82990f4740"
Accept-Ranges: bytes
Content-Length: 1317


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size:   1317
Md5:    67bd7dafca9b46edb679a5580f143e5c
Sha1:   6d1dc86349177e30c3187494832a604d6c7c7383
Sha256: 111ec758e0888747bd3298121d4f318027a8543de036a9aed760e421884052b9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /index_files/index_files_306dlaxtgy.jpg HTTP/1.1
Host: df2dmg1qbvzh1k.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df2dmg1qbvzh1k.xyz/?type=really

216.18.208.202
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Sun, 27 Nov 2022 14:54:41 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:42 GMT
ETag: "54b-5ed8299989b80"
Accept-Ranges: bytes
Content-Length: 1355


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 64x64, components 3\012- data
Size:   1355
Md5:    b621cd83856ccb86aa65d0ee87ebe430
Sha1:   427ce753469629a8b7df9eb5140c6bc400c9351e
Sha256: 05b2330d80ddb0ce7e545d4a476827e6f50332e4956bf2558074cf8d44aaf283

Alerts:
  Blocklists:
    - quad9: Sinkholed