Overview

URLes.triavip.com/camisetas-running.html
IP 93.115.28.104 (Lithuania)
ASN#16125 UAB Cherry Servers
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-04 23:48:24 UTC
StatusLoading report..
IDS alerts0
Blocklist alert16
urlquery alerts No alerts detected
Tags None

Domain Summary (16)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
es.triavip.com (3) 0 2016-10-12 09:37:02 UTC 2022-12-04 18:59:21 UTC 93.115.28.104 Unknown ranking
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
dipaka-ead.com (3) 0 2022-10-31 13:23:43 UTC 2022-12-04 14:19:04 UTC 3.212.50.125 Unknown ranking
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-04 17:40:10 UTC 142.250.74.106
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-12-04 17:35:43 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
ocsp.pki.goog (5) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-04 17:12:40 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 44.238.3.246
cartining-specute.com (1) 0 2021-01-31 23:37:43 UTC 2022-12-04 13:27:45 UTC 18.197.36.77 Unknown ranking
r3.o.lencr.org (8) 344 No data No data 23.33.119.27
megaflirt.life (11) 0 2022-07-18 14:34:41 UTC 2022-12-04 13:11:29 UTC 194.87.208.5 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-04 17:12:39 UTC 34.117.237.239
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
btpnav.com (2) 207578 2018-11-21 10:03:33 UTC 2022-12-04 16:25:21 UTC 192.99.158.241

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-04 2 megaflirt.life/media/exit-new/exit1.js Phishing
2022-12-04 2 megaflirt.life/media/bb.js Phishing
2022-12-04 2 megaflirt.life/util/utils.js Phishing
2022-12-04 2 megaflirt.life/cookie/js.cookie.js Phishing
2022-12-04 2 megaflirt.life/media/dating/toon2/js/jquery-2.2.4.min.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-04 2 megaflirt.life Sinkholed
2022-12-04 2 megaflirt.life Sinkholed
2022-12-04 2 megaflirt.life Sinkholed
2022-12-04 2 megaflirt.life Sinkholed
2022-12-04 2 megaflirt.life Sinkholed
2022-12-04 2 megaflirt.life Sinkholed
2022-12-04 2 megaflirt.life Sinkholed
2022-12-04 2 megaflirt.life Sinkholed
2022-12-04 2 megaflirt.life Sinkholed
2022-12-04 2 megaflirt.life Sinkholed
2022-12-04 2 megaflirt.life Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 93.115.28.104
Date UQ / IDS / BL URL IP
2023-02-08 08:01:46 +0000 0 - 2 - 7 filmaijums.net/en-us/movies 93.115.28.104
2023-02-07 11:35:16 +0000 0 - 0 - 2 filmaijums.net/xfsearch/Abel+Tripaldi 93.115.28.104
2023-02-07 04:45:49 +0000 0 - 0 - 1 xieziet.do22.co/skills-of-a-sales-associate.html 93.115.28.104
2023-02-07 02:25:27 +0000 0 - 0 - 1 xieziet.do22.co/firefighter-interview.html 93.115.28.104
2023-02-07 00:59:37 +0000 0 - 2 - 7 q21nz.drofortho.com/ 93.115.28.104


Last 5 reports on ASN: UAB Cherry Servers
Date UQ / IDS / BL URL IP
2023-02-08 08:01:46 +0000 0 - 2 - 7 filmaijums.net/en-us/movies 93.115.28.104
2023-02-07 11:35:16 +0000 0 - 0 - 2 filmaijums.net/xfsearch/Abel+Tripaldi 93.115.28.104
2023-02-07 09:02:24 +0000 0 - 1 - 2 5.199.173.103/t_64.zip 5.199.173.103
2023-02-07 09:02:07 +0000 0 - 1 - 2 5.199.173.103/t.zip 5.199.173.103
2023-02-07 09:02:06 +0000 0 - 3 - 2 5.199.173.103/7za.exe 5.199.173.103


Last 5 reports on domain: triavip.com
Date UQ / IDS / BL URL IP
2023-01-05 06:06:12 +0000 0 - 0 - 1 es.triavip.com/ciclismo.html?limit=30 93.115.28.104
2022-12-12 15:43:48 +0000 0 - 0 - 2 es.triavip.com/nutricion-deportiva.html?dir=a (...) 93.115.28.104
2022-12-08 19:24:40 +0000 0 - 0 - 17 es.triavip.com/tienda-triatlon.html?mode=list 93.115.28.104
2022-12-04 23:48:24 +0000 0 - 0 - 16 es.triavip.com/camisetas-running.html 93.115.28.104
2022-11-26 07:48:49 +0000 0 - 0 - 16 es.triavip.com/banadores-triatlon.html 172.98.192.35


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-08 10:46:56 +0000 0 - 2 - 6 govyty.59b61.ev.wy5532.com/ 185.107.56.198
2023-02-08 07:32:17 +0000 0 - 2 - 5 askiven.com/index-of-refraction-of-water.html 69.16.230.42
2023-02-08 05:03:07 +0000 0 - 3 - 5 nubestorder.buzz/ 104.21.47.30
2023-02-07 22:23:22 +0000 0 - 0 - 1 iuyuy.15841.ib.wy5532.com/ 81.171.22.5
2023-02-07 09:11:32 +0000 0 - 4 - 5 methodsformale.life/?u=fy082k7&o=mb2kpbt&cid= (...) 88.198.106.203

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (48)


Request Response
                                        
                                            GET /camisetas-running.html HTTP/1.1 
Host: es.triavip.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         93.115.28.104
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 497
date: Sun, 04 Dec 2022 23:48:12 GMT
server: nginx
set-cookie: sid=1dbf1ea0-742e-11ed-a2a6-6f1514f7e69c; path=/; domain=.triavip.com; expires=Sat, 23 Dec 2090 03:02:20 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (497), with no line terminators
Size:   497
Md5:    6d01a3c4c176adf06f3b5313d2230ee0
Sha1:   68276e5453ef2cd9b0e279c82d6351070a35c6d1
Sha256: ce0e36665cb04a15996d1b29f8e55e19d664702658e9715bba137034d336c825
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4382
Expires: Mon, 05 Dec 2022 01:01:15 GMT
Date: Sun, 04 Dec 2022 23:48:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6417
Cache-Control: max-age=131401
Date: Sun, 04 Dec 2022 23:48:13 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 12:18:14 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10668
Expires: Mon, 05 Dec 2022 02:46:01 GMT
Date: Sun, 04 Dec 2022 23:48:13 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 23:20:09 GMT
cache-control: public,max-age=3600
age: 1684
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: y3q18wBmC60OjKQE0Z19JHkxaJG0P+/bCk9+DPBp9jYdaJzKbN0C5mER06Y7fQa/pTeMjznt0LsLE6OPuZT8kg==
x-amz-request-id: TYYBB1G7T0Y39V6Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 23:47:45 GMT
age: 28
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Dec 2022 23:48:13 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: es.triavip.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://es.triavip.com/camisetas-running.html
Cookie: sid=1dbf1ea0-742e-11ed-a2a6-6f1514f7e69c

search
                                         93.115.28.104
HTTP/1.1 404 Not Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sun, 04 Dec 2022 23:48:13 GMT
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   9
Md5:    d8f4a1993546cc4b850cde3599e27aec
Sha1:   094b763b4cfcc0b05e5d040581cd513c3ca08067
Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 23:11:19 GMT
cache-control: public,max-age=3600
age: 2215
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /camisetas-running.html?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDIwNDg5MywiaWF0IjoxNjcwMTk3NjkzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21ybnQwMGJhaWJmZTcxdjQxOGFqODEiLCJuYmYiOjE2NzAxOTc2OTMsInRzIjoxNjcwMTk3NjkzNDc2NjUwfQ.Ch_hD44g7CK6FFA7VfjdqzkLmxqHuJwQFRoeOeCXndw&sid=1dbf1ea0-742e-11ed-a2a6-6f1514f7e69c HTTP/1.1 
Host: es.triavip.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://es.triavip.com/camisetas-running.html
Cookie: sid=1dbf1ea0-742e-11ed-a2a6-6f1514f7e69c
Upgrade-Insecure-Requests: 1

search
                                         93.115.28.104
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 04 Dec 2022 23:48:13 GMT
location: http://btpnav.com/click?data=cnJUUDJMQmlPTlRWMTh3bWpSZTl6cDItMFEyVTV4QkN0RUc4U2NtalBOWWs2cVlMYks0MWsxbXJab2hVMGhnOXFUMDF0Vl9kNm5UOTR4TEpZUTVKRmVLQ3RYUDlFakJoZVdpYW51dFMyVVVKMXFxd1dyeWwwZmlTUVo2Z2xzZ2lfLTdPa2M4alR2eFpjTFJsZUl6b0xRMg2&id=412beb5c-77d5-4c36-aff2-54239a0f6a3e
server: nginx
set-cookie: sid=1dbf1ea0-742e-11ed-a2a6-6f1514f7e69c; path=/; domain=.triavip.com; expires=Sat, 23 Dec 2090 03:02:21 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6386
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 23:48:14 GMT
Last-Modified: Sun, 04 Dec 2022 22:01:48 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /click?data=cnJUUDJMQmlPTlRWMTh3bWpSZTl6cDItMFEyVTV4QkN0RUc4U2NtalBOWWs2cVlMYks0MWsxbXJab2hVMGhnOXFUMDF0Vl9kNm5UOTR4TEpZUTVKRmVLQ3RYUDlFakJoZVdpYW51dFMyVVVKMXFxd1dyeWwwZmlTUVo2Z2xzZ2lfLTdPa2M4alR2eFpjTFJsZUl6b0xRMg2&id=412beb5c-77d5-4c36-aff2-54239a0f6a3e HTTP/1.1 
Host: btpnav.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://es.triavip.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         192.99.158.241
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: bRhyuVlsWmFzQIm=bRhyuVlsWmFzQIm; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sun, 04 Dec 2022 23:48:14 GMT
Content-Length: 5441


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Size:   5441
Md5:    2e60f0164f6025648a9883b076e415f5
Sha1:   56c1d9a2feaa05cdb073b9ef36a99fcdbfe2c051
Sha256: beeb86f1814cae9182dfdb1ab101b01edd7f29a55f27d8f1b617520545f0df80
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XQ8KNxFJqzDJYwG9Dm3+eQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         44.238.3.246
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R87V+o6A8+jESMOI4yh9bIpwJzw=

                                        
                                            POST /Redirect/ HTTP/1.1 
Host: btpnav.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 329
Origin: http://btpnav.com
Connection: keep-alive
Referer: http://btpnav.com/click?data=cnJUUDJMQmlPTlRWMTh3bWpSZTl6cDItMFEyVTV4QkN0RUc4U2NtalBOWWs2cVlMYks0MWsxbXJab2hVMGhnOXFUMDF0Vl9kNm5UOTR4TEpZUTVKRmVLQ3RYUDlFakJoZVdpYW51dFMyVVVKMXFxd1dyeWwwZmlTUVo2Z2xzZ2lfLTdPa2M4alR2eFpjTFJsZUl6b0xRMg2&id=412beb5c-77d5-4c36-aff2-54239a0f6a3e
Cookie: bRhyuVlsWmFzQIm=bRhyuVlsWmFzQIm
Upgrade-Insecure-Requests: 1

search
                                         192.99.158.241
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Location: http://dipaka-ead.com/zcvisitor/1e151853-742e-11ed-abc9-127bf274ace7/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=50c33cb0-5407-11ed-8dac-0a918cbcbb97
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sun, 04 Dec 2022 23:48:14 GMT
Content-Length: 270


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   270
Md5:    c96b49bb76ce9022919f3a9248d0361f
Sha1:   cde9ae8514519221f0ef732817f2a21f35409fc4
Sha256: ca44505474957ea99f77efd097b5162dc2db70b81d141fdcfd3661fa08adc54a
                                        
                                            GET /zcvisitor/1e151853-742e-11ed-abc9-127bf274ace7/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=50c33cb0-5407-11ed-8dac-0a918cbcbb97 HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://btpnav.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 23:48:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: BvvRxpog


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1100
Md5:    6562717d4c0528f3dccdd50b8f7e5870
Sha1:   3a9070fe95a3135e66d6cb9ad3835bca37941d75
Sha256: 34490dd3b3e4c6bb07a668369a5c7928f94b1ecbd0725414c451bb0f79f09973
                                        
                                            GET /zcredirect?visitid=1e151853-742e-11ed-abc9-127bf274ace7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/1e151853-742e-11ed-abc9-127bf274ace7/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=50c33cb0-5407-11ed-8dac-0a918cbcbb97
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 23:48:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: VapajXGC


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (307)
Size:   700
Md5:    4f10b190928712d091ec6c8f11c40509
Sha1:   f889cb7a6d5fd16691f6d854b25932fc0575a9a1
Sha256: 2b56d267bdcf3c2121a5299c9f6289079de162f7597779885e7dff26e9b09828
                                        
                                            GET /zp-redirect?target=https%3A%2F%2Fmegaflirt.life%2F%3Fu%3Dxunwwwr%26o%3Db0bp0zy%26cid%3Dwfqh24esfqovbnuki357caei&caid=7547a5ef-6f0f-46aa-89e9-08545ec92d28&zpid=1e151853-742e-11ed-abc9-127bf274ace7&cid=wfqh24esfqovbnuki357caei&rt=R HTTP/1.1 
Host: cartining-specute.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Cookie: cc-v4=Saey4A8mLSZ1UEIfdhI6ul%2FqlvDvF45578Ic0yDj5AVDQJJrDlwAHRHpyA9aqfKVaMgWjrF9uVYNELKMxYWk4JfqYmMvKzS0VTm3aAd7TkqN1Z1%2BBU6zdmrp9yJegHxwRVLz8tEd%2FnWA1feK3Ffysw%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         18.197.36.77
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 04 Dec 2022 23:48:15 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wfqh24esfqovbnuki357caei
pragma: no-cache
set-cookie: cc-v4=dC4Nz9Ull4KZWxdxoRw54sEzaC533kDkeVKymdLShtrXZYfJj%2BCS0IxnPkbhHmAonhTM2RVuoDRCrMt%2F9QzDjQ97TDN87xS45TA3XJ1VBzIKRpU6VpbOKdVNatb6%2FJELKgCNp3l018rPZOpvYteuJg%3D%3D; Max-Age=31536000; Expires=Mon, 04-Dec-2023 23:48:15 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=1e151853-742e-11ed-abc9-127bf274ace7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

search
                                         3.212.50.125
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
                                        
Date: Sun, 04 Dec 2022 23:48:15 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: EgYYyhUY


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4924
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 23:48:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5915
Expires: Mon, 05 Dec 2022 01:26:50 GMT
Date: Sun, 04 Dec 2022 23:48:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4924
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 23:48:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5915
Expires: Mon, 05 Dec 2022 01:26:50 GMT
Date: Sun, 04 Dec 2022 23:48:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5915
Expires: Mon, 05 Dec 2022 01:26:50 GMT
Date: Sun, 04 Dec 2022 23:48:15 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6236
x-amzn-requestid: 0215aac5-7c44-43b0-b2e9-baddeed42fe0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjiXEEXiIAMFqIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ae42d-5961705726e81a4e3b6a91c9;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 05:52:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ToFwGweqIr6TeGKj1mw8gMfun_defm7BE11XM-gKfL5NsEbJKC2iMg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:15:59 GMT
age: 5536
etag: "532cf52021a6cdb7b7963e9108b41590f58276fe"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6236
Md5:    c9e228ec099cad3eea0fb1656da3536f
Sha1:   532cf52021a6cdb7b7963e9108b41590f58276fe
Sha256: 8e54f09dd66fdc35e5f54100cf6c56abf88cb7e724b08092e7ce82720d423135
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CYvQg9Tc0rQB9_DoDW4RoLx2GEdMSEaXViCY3qXbijd0P5mMSZWE6Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:35:27 GMT
age: 72768
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12830
Md5:    5d72fb8d20c29763234c2817b119d11b
Sha1:   d4924ec714f5157bcb2fddcb5f768188a3dd37dc
Sha256: e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7028
x-amzn-requestid: 4d20bc36-d129-468d-b30d-f6b571d528af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKz6G86oAMF9oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abe7f-5f9353c04487352b64ba3bf8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:11:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pjwTv-Ry-1NHzZj6N-Mwul76sDeRSpLlVh7azqqqls44kH-mNhnggw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:24:11 GMT
age: 73444
etag: "973e77db7fb34c60e08719dc7196d865e8831cb2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7028
Md5:    9b475d52dd164b9cc0efbecfd58282b6
Sha1:   973e77db7fb34c60e08719dc7196d865e8831cb2
Sha256: 3985e24217a2bd811a0ea9bf0223eb0cda31604986f3467fae028a086a8b827e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7853
x-amzn-requestid: fa079a7e-1e93-41d6-bb16-2703077a0cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGrKEGFoAMFnBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6388517a-076131847c129c197e84901b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:02:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cri6Vf6-INRisbFQ4ITZ7f8RIvomQXQ-TjkjWAOkkUhmI1yhHIbTYA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 08:10:52 GMT
age: 56243
etag: "f5ed5d03e6969f81349ad78fde0e71390a4ed391"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7853
Md5:    dafdb4fe91795a9e16baebb085ccd818
Sha1:   f5ed5d03e6969f81349ad78fde0e71390a4ed391
Sha256: f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vg9n0d9YqjfrKwJHGGcztV4gsGENhNYUuC1HUmWFsxRlDdMSpV4IQw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 15:58:47 GMT
age: 28168
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10031
Md5:    bb029b41d342a82250aef6d6f713be6e
Sha1:   cd754bb6094d2e456b95dce8daace45a0de8a121
Sha256: c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11253
x-amzn-requestid: e0561a00-8657-4af0-b24c-08b328282f79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_wKE9coAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1334-2844266d51d5c5672f34ff61;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v2OgP5Rhp06ijoZU2F8vOhLjBfHdBMPa2mOIg6EiYJrgCRbrKgJz2g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:07 GMT
age: 6968
etag: "c314368e2e73dabf2c5d856e2c3e1fae610a3005"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11253
Md5:    557fea28a0a540d2ffdadd828e03de0b
Sha1:   c314368e2e73dabf2c5d856e2c3e1fae610a3005
Sha256: 0fdd195911cdfff46a6dd8ba7b760953e5317fd7ee88abf1e19458518979fdee
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB2F3E6F49809176BCD71BCD1AB6EB87F2101E00D3028E196D3E096377BEA8B6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Dec 2022 05:48:16 GMT
Date: Sun, 04 Dec 2022 23:48:16 GMT
Connection: keep-alive

                                        
                                            GET /?u=xunwwwr&o=b0bp0zy&cid=wfqh24esfqovbnuki357caei HTTP/1.1 
Host: megaflirt.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dipaka-ead.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         194.87.208.5
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 04 Dec 2022 23:48:16 GMT
Content-Length: 7215
Connection: keep-alive
set-cookie: sid=t1~055zalkphnq131bbhbyy2bb0; path=/
cache-control: private, no-transform


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (531), with CRLF line terminators
Size:   7215
Md5:    e48190ae1877d019cb6afdca9e7c5acf
Sha1:   ad8cf572b5bf3186ee9ccd2876326e89e897e9d9
Sha256: 7faacd4f7d771505e2b2c568473ad09d5b6ca05ae62b0fdc8beed2cf8477d67f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /media/dating/toon2/css/animate.min.css HTTP/1.1 
Host: megaflirt.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wfqh24esfqovbnuki357caei
Cookie: sid=t1~055zalkphnq131bbhbyy2bb0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 04 Dec 2022 23:48:16 GMT
Content-Length: 52789
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "178b651958ceff556cbc5f355e08bbf1"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DBB0BE2B6A8FE
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 23:48:16 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (52592)
Size:   52789
Md5:    178b651958ceff556cbc5f355e08bbf1
Sha1:   97afa151569f046b2e01f27c1871646e9cd87caf
Sha256: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /media/exit-new/exit1.js HTTP/1.1 
Host: megaflirt.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wfqh24esfqovbnuki357caei
Cookie: sid=t1~055zalkphnq131bbhbyy2bb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 23:48:16 GMT
Content-Length: 3473
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "625e5e2950612f771e246beb33c9ea61"
Last-Modified: Wed, 31 Aug 2022 09:34:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DBB545944701F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 23:48:16 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (641), with CRLF line terminators
Size:   3473
Md5:    625e5e2950612f771e246beb33c9ea61
Sha1:   e4fc251c6c000496c285f8dc3fa097040b031681
Sha256: 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /media/bb.js HTTP/1.1 
Host: megaflirt.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wfqh24esfqovbnuki357caei
Cookie: sid=t1~055zalkphnq131bbhbyy2bb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 23:48:16 GMT
Content-Length: 639
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Last-Modified: Wed, 31 Aug 2022 09:32:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DBB283330637E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 23:48:16 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (639), with no line terminators
Size:   639
Md5:    0d553e4bac91c74bfee2dbabba61e99e
Sha1:   5af71e2377c9c012a7826a695f2724901941b19b
Sha256: 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /util/utils.js HTTP/1.1 
Host: megaflirt.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wfqh24esfqovbnuki357caei
Cookie: sid=t1~055zalkphnq131bbhbyy2bb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 23:48:16 GMT
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DBADFCDD04FD1
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 23:48:16 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (641), with CRLF line terminators
Size:   7512
Md5:    01816d15ca03032751161a746e2fb7c3
Sha1:   dcc72ea5fa1356490ba473288159df9786b4a3c3
Sha256: 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /media/dating/toon2/css/style.css HTTP/1.1 
Host: megaflirt.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wfqh24esfqovbnuki357caei
Cookie: sid=t1~055zalkphnq131bbhbyy2bb0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.5
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 04 Dec 2022 23:48:16 GMT
Content-Length: 8608
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "549edaff59c582a6a3ca91f95c60ea71"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DBB0BFB08A5EF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 23:48:16 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   8608
Md5:    549edaff59c582a6a3ca91f95c60ea71
Sha1:   a9edcba7d667efcfd812bcd413ccbdcb2b67cc88
Sha256: b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cookie/js.cookie.js HTTP/1.1 
Host: megaflirt.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wfqh24esfqovbnuki357caei
Cookie: sid=t1~055zalkphnq131bbhbyy2bb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 23:48:16 GMT
Content-Length: 4264
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a7e9883924072f15259de6888d5ef515"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DBB0657A1149E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 23:48:16 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1709), with CRLF line terminators
Size:   4264
Md5:    a7e9883924072f15259de6888d5ef515
Sha1:   7f4f6e5938e68f55aef81e0cd0145f008cd28382
Sha256: 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 23:48:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /media/dating/toon2/js/jquery-2.2.4.min.js HTTP/1.1 
Host: megaflirt.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wfqh24esfqovbnuki357caei
Cookie: sid=t1~055zalkphnq131bbhbyy2bb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.5
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 04 Dec 2022 23:48:16 GMT
Content-Length: 85578
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2f6b11a7e914718e0290410e85366fe9"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DBB0C1542CA5C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 23:48:16 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   85578
Md5:    2f6b11a7e914718e0290410e85366fe9
Sha1:   69bb69e25ca7d5ef0935317584e6153f3fd9a88c
Sha256: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 23:48:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 23:48:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 23:48:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /media/dating/toon2/images/123.jpg HTTP/1.1 
Host: megaflirt.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wfqh24esfqovbnuki357caei
Cookie: sid=t1~055zalkphnq131bbhbyy2bb0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.5
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 04 Dec 2022 23:48:16 GMT
Content-Length: 179176
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a2d245e1c43c61ca34bea001510dd6d9"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DBB0C26C3356C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 23:48:16 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1069, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=620], progressive, precision 8, 620x1032, components 3\012- data
Size:   179176
Md5:    a2d245e1c43c61ca34bea001510dd6d9
Sha1:   7a7e0dbf8bb132958fecd093e6741ffe49d060b5
Sha256: f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 23:48:16 GMT
date: Sun, 04 Dec 2022 23:48:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   24426
Md5:    aab7015aff882787323be7700b497d3f
Sha1:   3ba0c56ad624f1530bb01a5a12493234cb12a741
Sha256: 536e7d38aafc92b68e9b23d9173a960cb5d80e40f9bacdf23c6fb860e9f4e6a7
                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://megaflirt.life
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 455828
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 23:48:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /media/dating/toon2/images/bg.jpg HTTP/1.1 
Host: megaflirt.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/media/dating/toon2/css/style.css
Cookie: sid=t1~055zalkphnq131bbhbyy2bb0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.5
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 04 Dec 2022 23:48:16 GMT
Content-Length: 119754
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "842a5629f17ec8342230aa12ea32291a"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DBB0C295218AA
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 23:48:16 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=660, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1279], progressive, precision 8, 1279x660, components 3\012- data
Size:   119754
Md5:    842a5629f17ec8342230aa12ea32291a
Sha1:   0f2390a3eda1a71d676f1cd1866956fef8e77090
Sha256: 1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: megaflirt.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wfqh24esfqovbnuki357caei
Cookie: sid=t1~055zalkphnq131bbhbyy2bb0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.5
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Sun, 04 Dec 2022 23:48:17 GMT
Connection: keep-alive
Cache-Control: no-transform


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed