bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111
301 Moved Permanently 369 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e96e646e97533b83fbdc2965a18b2cfc
3d50cc7f76681ac66bd7883c9f3f00d95f697554
87c132f25a6747ebd6f4e2b0e1be16e1f4f35be649cfa1ea6c6413791189022d
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111 HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 14 Nov 2022 18:50:50 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111
Content-Length: 369
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3395
Expires: Mon, 14 Nov 2022 19:47:25 GMT
Date: Mon, 14 Nov 2022 18:50:50 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6491
Cache-Control: max-age=149318
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:50 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 12:19:28 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 14 Nov 2022 18:44:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 394
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6095
Expires: Mon, 14 Nov 2022 20:32:25 GMT
Date: Mon, 14 Nov 2022 18:50:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1ApGvt/kBtewFG//aTxGvh/Vf5fAg8+Ohvi0tLo4NDLb6hXH91SG9fHpevtNgKi8Lr/c9xQUyOA=
x-amz-request-id: H1W70HQYX8RX2DXF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 14 Nov 2022 17:51:12 GMT
age: 3578
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 14 Nov 2022 18:50:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc027f023e9bd0ef42721b58b974aed0
ee03b1e9d9932e0da7e061b36ef429a73d4dca6c
bc1a00ce8679ade0b6ab8690c4bf66a8a27f342fb52920550749a8a21a9fcaa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC1A00CE8679ADE0B6AB8690C4BF66A8A27F342FB52920550749A8A21A9FCAA1"
Last-Modified: Mon, 14 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 15 Nov 2022 00:50:51 GMT
Date: Mon, 14 Nov 2022 18:50:51 GMT
Connection: keep-alive
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111
301 Moved Permanently 371 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171773c89dc10afd610de7efc58bb351
551467f1789ea54c9003acf4089e64fdcb3a48cb
13b20295d9f347f10456ede3098dfa97b9ceb0439cf8217f8b70cef18568ad1a
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111 HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Content-Length: 371
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 14 Nov 2022 18:44:48 GMT
cache-control: public,max-age=3600
age: 363
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
200 OK 16 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 8cae891d00a76ddadaf94fa16fb52697
142a8be13c2960fefc4efbd2abbe118b416b9a8f
b59a7e08db937a51a40c2844923f2d6942188ccce9f837ccff6c44bda384f586
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/ HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:50 GMT
ETag: "15795-5ed72b0b10880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16271
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
ocsp.digicert.com/
200 OK 471 B IP
Hash 3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4982
Cache-Control: max-age=142752
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:51 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:30:03 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 279 B IP
Hash 34f976ad436e17a2aa284b0a9fb9f6fa
ef6eef563d855b72ea08c1046974f5cc7894461a
d69ba01e7d7a7f201542e43a9fe53b0661c65f2b8d489aa4672aa567fecf6db2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3465
Cache-Control: max-age=133695
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:51 GMT
Etag: "6371e7c1-117"
Expires: Wed, 16 Nov 2022 07:59:06 GMT
Last-Modified: Mon, 14 Nov 2022 07:01:21 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 34f976ad436e17a2aa284b0a9fb9f6fa
ef6eef563d855b72ea08c1046974f5cc7894461a
d69ba01e7d7a7f201542e43a9fe53b0661c65f2b8d489aa4672aa567fecf6db2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5185
Cache-Control: max-age=135415
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:51 GMT
Etag: "6371e7c1-117"
Expires: Wed, 16 Nov 2022 08:27:46 GMT
Last-Modified: Mon, 14 Nov 2022 07:01:21 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 34f976ad436e17a2aa284b0a9fb9f6fa
ef6eef563d855b72ea08c1046974f5cc7894461a
d69ba01e7d7a7f201542e43a9fe53b0661c65f2b8d489aa4672aa567fecf6db2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3343
Cache-Control: max-age=133573
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:51 GMT
Etag: "6371e7c1-117"
Expires: Wed, 16 Nov 2022 07:57:04 GMT
Last-Modified: Mon, 14 Nov 2022 07:01:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1af800aa2b326e8af0f2640db68a7a0d
4c617814f5c705737bf4bf111c53bf40bb932af5
594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css
200 OK 1.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css
IP
File type ASCII text, with very long lines (7048)
Hash aa3b4ed7478b3a40f2409188a0c9fdab
1b4efc2536689dde7205f6eb81766b6ad54ada8f
80db261e2480e9541813923e022ea7d0dceece776b3aa606216545a1ba272d26
GET /ajax/libs/froala-editor/2.8.5/css/froala_style.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 18:50:51 GMT
content-type: text/css; charset=utf-8
content-length: 1380
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e6a-1c28"
last-modified: Mon, 04 May 2020 16:10:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13738715
expires: Sat, 04 Nov 2023 18:50:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYpXWS19%2Bpo7WX9iNDKVnptXDRqx2cBiSuu2HpcgJvbui%2BfWcChTNWjFWkN9Bc%2B%2BDXCRY47ZrgnvqC4Xl0Na9TH8l76Y9rZ8SsclrPlYoZ5xfJKatyU1IE24AEJmdPZtN7%2Fwgl5Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76a1ef69090b0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-242572046-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-242572046-1
IP
File type ASCII text, with very long lines (1921)
Hash 3f8cc1f6e4664ebec6f7ebe571af6ade
92cf5dcf929489d3ad2e2eb25f1958fae76ecc57
c4b6c51ab7897937db7dbadc91b07b9149f83305a942050763dd4445a8d800cd
GET /gtag/js?id=UA-242572046-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Nov 2022 18:50:51 GMT
expires: Mon, 14 Nov 2022 18:50:51 GMT
cache-control: private, max-age=900
last-modified: Mon, 14 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43684
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 34f976ad436e17a2aa284b0a9fb9f6fa
ef6eef563d855b72ea08c1046974f5cc7894461a
d69ba01e7d7a7f201542e43a9fe53b0661c65f2b8d489aa4672aa567fecf6db2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3465
Cache-Control: max-age=133695
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:51 GMT
Etag: "6371e7c1-117"
Expires: Wed, 16 Nov 2022 07:59:06 GMT
Last-Modified: Mon, 14 Nov 2022 07:01:21 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/jquery.min.js
200 OK 30 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/jquery.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32180)
Hash 19bb042b362be9d52a6a4afc1c79f0e1
2c27f676226825381f7a830e65b4d17c02c0c949
bca4f1d8bfca3a6b297d78b33fa24bf8fe780e8aa6ecaff9d116c3f6abeb2ed8
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/jquery.min.js HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:50 GMT
ETag: "14983-5ed72b0b10880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 29547
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1af800aa2b326e8af0f2640db68a7a0d
4c617814f5c705737bf4bf111c53bf40bb932af5
594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bb74a5eb_v.css
200 OK 3.7 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bb74a5eb_v.css
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 65a3b5c94ca89204aaa8cc25bdcfcf6c
d450667e42e5b8d1ed389289cc31ee25d01469d1
8660ae0132925827c39deab774ddf74c25b78e5389e131c7a08a9f4367858dea
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bb74a5eb_v.css HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "61e3-5ed72b0cf8d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3708
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bb63ccd2_v.css
200 OK 0 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bb63ccd2_v.css
IP
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bb63ccd2_v.css HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "0-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc497791_v.css
200 OK 67 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc497791_v.css
IP
ASN #14061 DIGITALOCEAN-ASN
Hash 63b00463b943556bac81bdcfc377dfc3
7f51e39070eb10fa13181a72f39275cf3f549f9b
155b548ccf8efe104619bd351c8ee01421b5e70c40e2b4ad3e5b43fb913f9ead
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc497791_v.css HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "4b-5ed72b0cf8d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 67
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bi47dZ83zgyz9vVroQRCKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /mIT+j/ScPGDS8IuLYPXiNA9xMw=
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbb6fc7d_v.gif
200 OK 102 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbb6fc7d_v.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 24 x 9\012- data
Hash ef14d57c065fdbd3c66d017a729ca91f
2e7b72d674361a9c2b41767ccfbed2486e6695dd
6fcbfcda8a36536a0f9b0bc8c4a6ca451d9bafd4a879d56697e48e209691ba36
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbb6fc7d_v.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "66-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 102
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/microsoft.png
200 OK 1.0 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/microsoft.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash bf2b460590fbb9d8e9611a6e9006b816
561e1dab259d61e798b3ce380527b71b61074ff3
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/microsoft.png HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:50 GMT
ETag: "415-5ed72b0b10880"
Accept-Ranges: bytes
Content-Length: 1045
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc1a74d5_v.gif
200 OK 69 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc1a74d5_v.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 16 x 16\012- data
Hash 3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc1a74d5_v.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "45-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 69
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbe46967_v.png
200 OK 293 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbe46967_v.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 9eb68d2ce05c151bda542a7a6356e22c
baeeefe4a7ac657c10a5f081841015de1bcf90dd
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbe46967_v.png HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "125-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 293
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bba58587_v.png
200 OK 128 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bba58587_v.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 0bb86caf792dd7d24731c18cd37bb68e
dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bba58587_v.png HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "80-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 128
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbf6a050_v.gif
200 OK 1.2 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbf6a050_v.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 29 x 29\012- data
Hash 6d0c71ad95c413318e0946960a597318
297fa9d7797afcb90cb49adb045b673672b360ec
f2b1758e4d68018096355641f5e7163b0df07efc85e9c3513e51949a75c0446d
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbf6a050_v.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "4dd-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 1245
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbae3ed9_v.png
200 OK 349 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbae3ed9_v.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data
Hash 7454c652e0733d92de6c920c2d646ae0
34a5bd8c7401f95e346895b0e5ccffbf0e9ad638
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbae3ed9_v.png HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "15d-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 349
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bb9bf55a_v.gif
200 OK 1.8 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bb9bf55a_v.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 120 x 97\012- data
Hash 8806694db55d271b6c836433d103afcd
a532ae846499ffa93bd6ed8baafcbdabb2cc8da1
989f955c24583be00defab08c4cf80b17fe4c12756686359367144f0506eb8b8
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bb9bf55a_v.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "6f0-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 1776
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbbf25aa_v.gif
200 OK 1.5 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbbf25aa_v.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 80 x 65\012- data
Hash 0d3c4efabb6072ec3312574009be3ef8
02d319a4e46538bcadcc5122883e1a0c3e94c123
45a676a0eb476e7706e0187d975b612f51f3bb4c26596f991d55f5e68fbef3e3
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbbf25aa_v.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "5e2-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 1506
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/microsoft.jpg
200 OK 2.0 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/microsoft.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 47x46, components 3\012- data
Hash 513307d24832cc64115e69c57dd4f69a
ba2e4718f5dec696d5e1e9ab95361f5dfb337f23
f70249b342aecd9e3d2367aea39df606e92562f9d7945ad8849b36cd3e3a85a1
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/microsoft.jpg HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:50 GMT
ETag: "7d4-5ed72b0b10880"
Accept-Ranges: bytes
Content-Length: 2004
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbdae210_v.png
200 OK 364 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbdae210_v.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbdae210_v.png HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "16c-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 364
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bodytouch.site
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 21:48:50 GMT
expires: Thu, 09 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 421322
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bodytouch.site
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 14:43:52 GMT
expires: Wed, 08 Nov 2023 14:43:52 GMT
cache-control: public, max-age=31536000
age: 533220
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bodytouch.site
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:30:59 GMT
expires: Thu, 09 Nov 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 429593
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 18:50:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/0wa0rni0ng0.mp3
206 Partial Content 8.4 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/0wa0rni0ng0.mp3
IP
ASN #14061 DIGITALOCEAN-ASN
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural\012- data
Hash 8618fbb0911e3b8fc96725dee8bfd81f
1bbcb78922946d0cf18fbf3a9e092e36453eb767
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/0wa0rni0ng0.mp3 HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "20d5-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 8405
Content-Range: bytes 0-8404/8405
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: audio/mpeg
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbc8a6e3_v.gif
200 OK 1.5 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbc8a6e3_v.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 65 x 80\012- data
Hash af52e51f42fd0c55bc3cf2c8ece71492
016f83da68ff461a5c6aebcc2a45668317b2f24c
e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbc8a6e3_v.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "60b-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 1547
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc00090f_v.gif
200 OK 949 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc00090f_v.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 78 x 68\012- data
Hash da9d153375da51a616a7663f1504e3a5
bd81fe60fe017bfe79be8c1afed88b659ff166d9
9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc00090f_v.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "3b5-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 949
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc2379ac_v.gif
200 OK 377 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc2379ac_v.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 16 x 16\012- data
Hash c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc2379ac_v.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "179-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 377
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc2c1b4b_v.gif
200 OK 234 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc2c1b4b_v.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 16 x 16\012- data
Hash 9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bc2c1b4b_v.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "ea-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 234
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/minus.png
200 OK 945 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/minus.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash e6eb3d938f3ebebd85c71307b38a3bf3
387223165f8e86f861a09adb1e3c10a8f2ec7006
2b6c8e23b2a2c49ac71393cb3e1740b7e2fccaa310ee06b68ca27b693d133f8e
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/minus.png HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:50 GMT
ETag: "3b1-5ed72b0b10880"
Accept-Ranges: bytes
Content-Length: 945
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/cut.png
200 OK 1.2 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/cut.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash e526e4ff50594a6c4a5d05c18474d6e7
705609a2bd21c1e3e13666451c75d2c51436c83e
d25cf2403704d5208d662af4ef703d424cedeac253a43a1aec6e60e0db43837f
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/cut.png HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:50 GMT
ETag: "4a8-5ed72b0b10880"
Accept-Ranges: bytes
Content-Length: 1192
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbece31e_v.gif
200 OK 1.5 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbece31e_v.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 30 x 29\012- data
Hash 1834c112f6e54f620d2ef8f8c037d450
b911b12717fc708c9418b4a2a0d72f79c5c53be3
81a5f62c155d307316d16a11e5a907a99fcfa3f70dce41d01d9f65518206734e
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/5f205bbece31e_v.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "5e5-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 1509
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 14 Nov 2022 18:41:09 GMT
expires: Mon, 14 Nov 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 583
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/background-2.png
200 OK 387 kB URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/background-2.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 1920 x 1126, 8-bit/color RGBA, non-interlaced\012- data
Size 387 kB (386648 bytes)
Hash db2c775d2583118bf4464dd65a58535b
45413378bf16997decf585915931305788e55328
de9fbe2de348e17bd4948011260ef297c4102b69068692daaba02bf632acd291
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/background-2.png HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:50 GMT
ETag: "5e658-5ed72b0b10880"
Accept-Ranges: bytes
Content-Length: 386648
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
bodytouch.site/favicon.ico
404 Not Found 277 B URL HTTP/1.1 bodytouch.site/favicon.ico
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 85106ef67f5b7491417c9efa64370bbf
0677e8cd5cd56b155c090669e0cd0e123445e195
5cc9451a9563467be95f725d6908912fac444706896778bb3c5ec666bfa6bfc6
GET /favicon.ico HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 277
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2524
Expires: Mon, 14 Nov 2022 19:32:57 GMT
Date: Mon, 14 Nov 2022 18:50:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2524
Expires: Mon, 14 Nov 2022 19:32:57 GMT
Date: Mon, 14 Nov 2022 18:50:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2524
Expires: Mon, 14 Nov 2022 19:32:57 GMT
Date: Mon, 14 Nov 2022 18:50:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2524
Expires: Mon, 14 Nov 2022 19:32:57 GMT
Date: Mon, 14 Nov 2022 18:50:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f1e763f44800e4de06d69a3b2af74da
35afe48832221fe42de30260b9bcb15867109031
5f234c025d1f586b4364d2ef8c2818d3d4d441691444bb885e89f4c150b3d2a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9322
x-amzn-requestid: 0becd817-a29e-46bf-b9d6-2d18e12f5fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDvE8DoAMFsiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-5b4bf1674c4edf80458cf53f;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6eUvvtJ48e5eRUJffmsuc9-blgv2dHt-Lsemnf-i8mLQ9CpY0Y94sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:13:29 GMT
age: 74244
etag: "35afe48832221fe42de30260b9bcb15867109031"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfc7286992b2cebdf1ebb58f85576e61
a49a1bf9716e32979810931d04d1f84216d096c1
7c5288d4ae39202e00c7fd482faa10b5610d31edf0bba9fc69fa4fc1f422b837
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03b751df-18d0-4e56-8d74-5d8e8d02f241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7494
x-amzn-requestid: b07e424a-c11e-442f-8636-e0670cb6f864
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bd8heGBtoAMFYQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f0e09-7dcda14e5077563d726752ae;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 03:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VXu3wEUmBJjK6YiXRFYVAuZ3h-ApKkvK1miRBXpo6faKsx8OOXu0JQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 03:14:47 GMT
age: 56166
etag: "a49a1bf9716e32979810931d04d1f84216d096c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 31a009393081c25d9afbde558a278ebf
bf8de6c00f579baa320456bd0e79ab80978008bc
90e81f6a10d3dbc56a45e9cfd65dbcd6bddf9e3ab526b4cca270bc2f26404950
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5149
x-amzn-requestid: f9b58134-4474-4ba5-bc90-368568c30eb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNaeqGAZoAMF9Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368712a-4f7bbb4743f15dc2471fba0c;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 02:44:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R-wKxHkN3mhPg5hGlsMSmENk1tERrZrO83Ohro0OmuKUQ5bC2tgTiw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 08:14:40 GMT
age: 38173
etag: "bf8de6c00f579baa320456bd0e79ab80978008bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
200 OK 37 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65326)
Hash 486d39c84e706dd0486ea2ffadc14db9
cdab480e768a7d34ca65ad7c534185e1c9687a28
0ed6dd2f0b32dfbb5bd1e9d2b1598b08d201e5c49cd29eee1f94c9711d07a4c6
GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bodytouch.site
Connection: keep-alive
Referer: https://bodytouch.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 18:50:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 10/04/2022 16:29:47
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4c463a59284701108d4d453f133d16db
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76a1ef691decb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac5583760066002adcbba078f6dd1be4
39ca30395586cf1a0a0fa739f7279af807f548a3
cb5986e3330858716cd290297a81d77e371b838637fc57eece94810211715a7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9921
x-amzn-requestid: 933f6aa6-3bec-4f71-aba8-ef9e77942ae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjycgGB-oAMFsDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371644f-47d26359464b62b7276316e6;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9DG6rCPdRRiHKrAVXztWJwZlUYYCb893lXH8YDzEMGSEUbeaVkABWw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:04:26 GMT
age: 74787
etag: "39ca30395586cf1a0a0fa739f7279af807f548a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0db3498954921b58948ad8a4e7fd49f
6b618c3ff6e589f9e01650bd0a619acb70d8004e
fa3baa9e32e455ab2eeefab0c76714bf0ff5f67a5ccd7c10b3f5c21d8138c5cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6535
x-amzn-requestid: 3333aa65-c0c7-4704-9af1-fb0a49f830fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDtHbhoAMFSsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-51c3e4513240b7e5662b8e6e;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6dTOcWIKFuo-Thf3zUH_1WY70yFyQkj3w2xPrb6Ntjf8TUFPVG-_lA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:01:14 GMT
age: 74979
etag: "6b618c3ff6e589f9e01650bd0a619acb70d8004e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Analyzer Verdict Alert urlquery Scam - Fake AntiVirus
urlquery Scam - Fake AntiVirus
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bodytouch.site
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 08:32:10 GMT
expires: Thu, 09 Nov 2023 08:32:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
age: 469124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/img/anim_orange.gif
404 Not Found 277 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/img/anim_orange.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 85106ef67f5b7491417c9efa64370bbf
0677e8cd5cd56b155c090669e0cd0e123445e195
5cc9451a9563467be95f725d6908912fac444706896778bb3c5ec666bfa6bfc6
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/img/anim_orange.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Cookie: _ga=GA1.2.671438903.1668451851; _gid=GA1.2.537412578.1668451851; _gat_gtag_UA_242572046_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 18:50:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 277
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/img/anim_red.gif
404 Not Found 277 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/img/anim_red.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 85106ef67f5b7491417c9efa64370bbf
0677e8cd5cd56b155c090669e0cd0e123445e195
5cc9451a9563467be95f725d6908912fac444706896778bb3c5ec666bfa6bfc6
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/img/anim_red.gif HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Cookie: _ga=GA1.2.671438903.1668451851; _gid=GA1.2.537412578.1668451851; _gat_gtag_UA_242572046_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 18:50:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 277
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 18:50:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 13896099
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76a1ef691d56b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
IP
GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bodytouch.site
Connection: keep-alive
Referer: https://bodytouch.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 18:50:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 11/11/2022 02:42:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 3e81c83683f474bd9db5769d1b6944ec
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76a1ef691de8b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bodytouch.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 18:50:51 GMT
date: Mon, 14 Nov 2022 18:50:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/a0ler0tm0s.mp3
206 Partial Content 0 B URL HTTP/1.1 bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/a0ler0tm0s.mp3
IP
ASN #14061 DIGITALOCEAN-ASN
GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/a0ler0tm0s.mp3 HTTP/1.1
Host: bodytouch.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://bodytouch.site/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa11111111111111111111111/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Mon, 14 Nov 2022 18:50:52 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 14 Nov 2022 18:48:52 GMT
ETag: "31080-5ed72b0cf8d00"
Accept-Ranges: bytes
Content-Length: 200832
Content-Range: bytes 0-200831/200832
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: audio/mpeg
165.22.15.208
104.18.11.207
23.36.76.226
93.184.220.29