Overview

URL: 135.148.164.91/forums/profile/ambroseorsini90/
IP: 135.148.164.91 (United States)
ASN: #16276 OVH SAS
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-11-30 00:15:24 UTC
IDS alerts: 0
Blocklist alert: 40
urlquery alerts: No alerts detected
Tags: None

Domain Summary (28)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
s10.histats.com (1) 15211 2012-05-21 17:14:14 UTC 2020-03-16 19:44:20 UTC 46.105.201.240
dollwives.com (2) 0 2019-01-28 15:03:59 UTC 2022-11-29 08:56:32 UTC 104.26.14.4 Unknown ranking
s4.histats.com (1) 12782 2012-05-21 17:14:14 UTC 2022-11-29 17:43:49 UTC 149.56.240.27
135.148.164.91 (41) 0 2022-10-11 04:53:41 UTC 2022-11-27 00:14:46 UTC 135.148.164.91 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
static.getbutton.io (2) 31869 2019-10-01 09:11:58 UTC 2022-11-29 23:05:21 UTC 95.216.228.15
fonts.gstatic.com (4) 0 2014-09-09 00:40:21 UTC 2022-11-29 23:47:40 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
assets.pinterest.com (2) 2560 2014-11-19 16:42:27 UTC 2020-05-14 16:33:09 UTC 2.18.172.195
1.bp.blogspot.com (3) 8403 2013-05-06 20:18:52 UTC 2020-05-14 01:22:22 UTC 142.250.74.161
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-29 23:42:23 UTC 142.250.74.168
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.203.75.56
ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-29 17:10:57 UTC 34.117.237.239
log.pinterest.com (1) 3464 2015-02-16 23:42:31 UTC 2020-04-15 21:05:05 UTC 151.101.0.84
bebasads.com (3) 0 2019-08-08 05:50:30 UTC 2022-11-23 12:49:40 UTC 172.67.180.1 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-29 17:14:13 UTC 34.102.187.140
i.imgur.com (2) 5110 2012-05-21 08:09:36 UTC 2018-08-28 18:45:07 UTC 151.101.244.193
e1.o.lencr.org (2) 6159 No data No data 23.36.77.32
platform.twitter.com (3) 597 2012-05-21 03:34:05 UTC 2020-05-03 05:23:23 UTC 192.229.233.25
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-29 19:27:24 UTC 216.239.32.178
syndication.twitter.com (1) 833 2013-09-20 01:46:47 UTC 2022-11-29 17:12:20 UTC 104.244.42.136
platform.linkedin.com (1) 3785 2014-10-23 11:50:28 UTC 2020-05-03 05:23:29 UTC 95.101.11.57
apis.google.com (1) 105 2013-05-30 23:17:44 UTC 2020-05-14 13:59:47 UTC 172.217.21.174
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-29 19:24:13 UTC 142.250.74.106
ocsp.pki.goog (8) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
connect.facebook.net (3) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-30 2 135.148.164.91 Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 135.148.164.91
Date UQ / IDS / BL URL IP
2022-11-30 00:15:24 +0000 0 - 0 - 40 135.148.164.91/forums/profile/ambroseorsini90/ 135.148.164.91


Last 5 reports on ASN: OVH SAS
Date UQ / IDS / BL URL IP
2023-02-08 10:44:57 +0000 28 - 0 - 14 commune-zahretmedien.tn/-/d8d5b845c07181994ba (...) 213.186.33.186
2023-02-08 10:44:56 +0000 28 - 0 - 14 commune-zahretmedien.tn/-/c2499c73543bc320fcd (...) 213.186.33.186
2023-02-08 10:44:51 +0000 0 - 1 - 0 87-98-189-190.xyz/Getintopc.com/Adobe_Photosh (...) 87.98.189.190
2023-02-08 10:44:44 +0000 28 - 1 - 15 commune-zahretmedien.tn/-/883d1c0b942b33c2a50 (...) 213.186.33.186
2023-02-08 10:44:44 +0000 28 - 0 - 14 commune-zahretmedien.tn/-/e45e14d28bd8df40613 (...) 213.186.33.186


Last 1 reports on domain: 135.148.164.91
Date UQ / IDS / BL URL IP
2022-11-30 00:15:24 +0000 0 - 0 - 40 135.148.164.91/forums/profile/ambroseorsini90/ 135.148.164.91


No other reports with similar screenshot

JavaScript

Executed Scripts (43)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (107)


Request Response
                                        
                                            GET /forums/profile/ambroseorsini90/ HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <http://135.148.164.91/wp-json/>; rel="https://api.w.org/", <http://135.148.164.91/?p=14>; rel=shortlink
Etag: "3886882-1669608177;gz"
X-LiteSpeed-Cache: hit
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Wed, 30 Nov 2022 00:15:12 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1902), with CRLF, LF line terminators
Size:   18330
Md5:    2d28e2dc12cd2c2a9186d7b53b3824f1
Sha1:   4a6184d30c1b8cb8060c2bc1ef5516c6502c0c29
Sha256: 6a293d6a79db8fb1999347ae5f242191db19cf85c1e686fee6d85d4528115d77

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5067
Expires: Wed, 30 Nov 2022 01:39:39 GMT
Date: Wed, 30 Nov 2022 00:15:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 5959
Cache-Control: public, max-age=1209600
Date: Wed, 30 Nov 2022 00:15:12 GMT
Etag: "63866b9a-37"
Last-Modified: Tue, 29 Nov 2022 20:29:14 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 23:17:56 GMT
cache-control: public,max-age=3600
age: 3436
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2274
Expires: Wed, 30 Nov 2022 00:53:07 GMT
Date: Wed, 30 Nov 2022 00:15:13 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ClKehbY2aKbVPqbC84M2T+VUWbz8RgOOsvKmpiAvA9CPXpKeKXlwqksOIHJopJSBynG3QYqQ6lE=
x-amz-request-id: KH5XGEEHBPVCSEYV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 23:45:00 GMT
age: 1813
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 00:15:13 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /css?family=Open+Sans%3A400%2C600%2C700%2C400italic%2C300%7CRoboto%3A400%2C500%2C700%2C300%2C400italic&ver=5.3.14 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/

                                         142.250.74.106
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 30 Nov 2022 00:15:13 GMT
Date: Wed, 30 Nov 2022 00:15:13 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   1192
Md5:    6b0d888d2fcb963ce861ca030a38df39
Sha1:   b4e9197d7a612a360f184b832f62acd23e28efdb
Sha256: 77e265162c32f59d6b25ece7ec80c842672c2289c3dd421ac9c9e69c3aab4707
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.14 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 11 Jun 2020 02:13:18 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6110
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (41045), with no line terminators
Size:   6110
Md5:    0a24f7bf5e8bc73f41e9152725540e47
Sha1:   46142b80a5418a00dc6dd176482e20a7bea8bbce
Sha256: 9ff65eb9bc9744e07ea326b155d9028cd71aca218339587c3f53471decd1b915

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.3.14 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Sun, 17 Nov 2019 08:34:48 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 636
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (1939), with no line terminators
Size:   636
Md5:    98ef0c7bf429cb0c6b048ccb664b669c
Sha1:   ab40327d9dce58736812ebeb16779245742277fc
Sha256: 27d1b00fb6ac355b8ea39d4ee475fe7b5bbf57c61ce83891e21fc59dfdaf2238

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /hyWIOj5.gif HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         151.101.244.193
HTTP/2 200 OK
content-type: image/gif
                                        
last-modified: Thu, 07 Jul 2022 05:16:46 GMT
etag: "b417c8aecce435bcc3167f54fc700660"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 30 Nov 2022 00:15:13 GMT
age: 4264707
x-served-by: cache-iad-kjyo7100173-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 11655, 1
x-timer: S1669767313.302962,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 88055
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 160 x 600\012- data
Size:   88055
Md5:    b417c8aecce435bcc3167f54fc700660
Sha1:   c35a726d93703ccded8feb302a02316e9bb327c8
Sha256: afcd276716cef4d2c76507225f109d8a6a1b040255e2e88773158874d5f661d4
                                        
                                            GET /LAKDhsm.gif HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         151.101.244.193
HTTP/2 200 OK
content-type: image/gif
                                        
last-modified: Thu, 07 Jul 2022 05:19:28 GMT
etag: "f09d66fc9019a3081f42bd798c3e4b40"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 30 Nov 2022 00:15:13 GMT
age: 1871872
x-served-by: cache-iad-kcgs7200081-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 2276, 1
x-timer: S1669767313.303744,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 128817
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 160 x 600\012- data
Size:   128817
Md5:    f09d66fc9019a3081f42bd798c3e4b40
Sha1:   ebfaae392436c2734a1def35a6403603355784a9
Sha256: 14d1012efa7a3f282cd8ede33ed4692bb181a0df12156f4ebf52817797c48980
                                        
                                            GET /wp-content/plugins/kentooz-socializer/public/css/kentooz-socializer-public.css?ver=1.0.0 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Mon, 20 Aug 2018 13:10:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2131
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  troff or preprocessor input, ASCII text, with very long lines (509)
Size:   2131
Md5:    98ad754e9a7bc73d13164ae8f651120d
Sha1:   9bc4dda349b71d13b6d2136b0e4f833a8e273dc4
Sha256: edf5694cc096d7d40a316fa7128093cfbc7534a2a6a7f0efd45db318303bdac4

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wpforo/wpf-assets/css/font-awesome/css/fontawesome-all.min.css?ver=5.11.2 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 02 Apr 2020 07:05:25 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 12312
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (56656), with CRLF line terminators
Size:   12312
Md5:    07592853955330753cb2e322f345c117
Sha1:   bee3ab084f5fca13932de3a175fad37610751680
Sha256: 4245c5cfadd30f6857e973732ec5954f30351746b60fc284621adf39210bae68

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/vmag/css/lightslider.css?ver=1.1.5 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 08 Aug 2019 12:49:57 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1622
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text
Size:   1622
Md5:    dab11bb98fd78526c95bab62c270c8ae
Sha1:   8e6d91a96a5fade743fd9d8a226edd670196bb1d
Sha256: fa2844f4871e607d5cb9a924130966022866ec61c6a630e7ec4b6e9e61f88067

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/vmag/css/font-awesome.css?ver=4.5.0 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 08 Aug 2019 12:49:57 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6542
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  troff or preprocessor input, ASCII text, with very long lines (372)
Size:   6542
Md5:    94e5370f153bd4130353f9adef15e932
Sha1:   31a86021d4cd3e23a19873feba22f0eb5ed654c4
Sha256: aabd80c95eac0a89fd8d0a3dca99f8d9663eb0d2556cd265927deb6403cca3ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/vmag/css/animate.css?ver=3.5.1 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 08 Aug 2019 12:49:57 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4450
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text
Size:   4450
Md5:    e4bbb48493557af3b1d2026bb279601e
Sha1:   c0db0c9ddab40a9bc9ed76df68ad609679f20603
Sha256: a4dc8b587d532128df39aa24cc26d0038dd856794fdf6d360536b4c0c1a35d13

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/vmag/css/responsive.css?ver=1.1.6 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 08 Aug 2019 12:49:57 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2438
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2438
Md5:    07a961d84ccb66cc891dc1654cfdca63
Sha1:   d72f0b0a20b414215870b19869111e6ede3814a7
Sha256: 855134c0cb87b35e58d25d1fe24456cf0a09ce528667dd2c0e0c93a025c09596

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/vmag/style.css?ver=1.1.6 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 08 Aug 2019 12:53:57 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 15204
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (854)
Size:   15204
Md5:    44bf3cd5aa16e03f891e115fa879ab84
Sha1:   def7c6d203b7d9bf80b647168da247280fee0d0d
Sha256: 52271f8fea69c8ab25e4df2c12c25b981d9b8005b92dac7e1549986bafa7cf21

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wpforo/wpf-themes/classic/colors.css?ver=1.7.2.8507b4375ab084621fa727c5167c591b HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 02 Apr 2020 07:05:41 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 7092
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (487), with CRLF line terminators
Size:   7092
Md5:    168079a28b5651c1327a6e8ca001759c
Sha1:   e4f61c6d2c04dc9177056f4c45586b42d0168a37
Sha256: 5ea3fbc8123f5821ba0c362573d0e630df1089de9a7fadf4e3ceaea43aa12f67

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4034
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (9959)
Size:   4034
Md5:    2f89b08855471c7476435ce0bec33ba7
Sha1:   970533f152623df03b5fc6fb793b21889e4e0349
Sha256: d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-content/plugins/kentooz-socializer/public/js/kentooz-socializer-default-public.js?ver=1.0.0 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Mon, 20 Aug 2018 13:10:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 569
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   569
Md5:    b29c48c3ed2cb5b68fb76a83ef822741
Sha1:   c508514c0ee94b3bc7915d2eea4f9ad6d866cd22
Sha256: 255b205795dae7c6cbbbb28d38ae064d137371e1dbbbc524749379bf7636a55c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-content/plugins/kentooz-socializer/public/js/kentooz-socializer-public.js?ver=1.0.0 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Mon, 20 Aug 2018 13:10:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2234
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (320)
Size:   2234
Md5:    d463c6fbb4b424b921dfa647661b5231
Sha1:   3d9ae807f42b1ff2b74ad9149c615680b312031b
Sha256: 105e9be82c50a8c41d6d77c7429f022cdf2dd84e69fb15dfa014897c0963a9f5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-content/plugins/kentooz-socializer/public/js/custom-js-public.js?ver=1.0.0 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Mon, 20 Aug 2018 13:10:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 666
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text
Size:   666
Md5:    8ce720c16e63c59f4c708b1686523845
Sha1:   d9f7063525debb47139fe1dd954e38c98ffcca96
Sha256: cebb4ed05244736f4061a73d5c55da2336cbac1974d4b33a29c851606085714f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-content/plugins/wp-postviews/postviews-cache.js?ver=1.68 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Fri, 23 Aug 2019 06:15:34 GMT
Accept-Ranges: bytes
Content-Length: 133
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   133
Md5:    1daca5a382c540c8639d836bad2ad992
Sha1:   ef989e3f0dbb08744ce38d88e3451b33888c9500
Sha256: aa8ab2153beec5132d9268e321035fbee7f935ddcf90294ceb3424f7fe3e5405

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 08 Aug 2019 12:42:43 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 33836
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   33836
Md5:    167b4b3aef1415384a1d72a851584464
Sha1:   7edb972190b2048300fb5eb1668e54ec049b91a2
Sha256: 2d29b6f8700dbeda5b83991887d89ef850f3d570946b8eef360a86b9adcb0fb3

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-content/plugins/wpforo/wpf-assets/js/frontend.js?ver=1.7.2 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 02 Apr 2020 07:05:25 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 8607
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  C source, ASCII text, with CRLF line terminators
Size:   8607
Md5:    ad1e7003e6a44b59e41f16bb870e2283
Sha1:   291af6197f2d7cab55cdcfa691931c39dd9d89b9
Sha256: b984cba2bb87897f58a5d3a49293f93a3dea58060b22aedba355781de37ad39a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-includes/js/jquery/suggest.min.js?ver=1.1-20110113 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Wed, 13 Jan 2016 17:22:27 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1341
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (2992)
Size:   1341
Md5:    9ff7aecd800165a7350305ca1b4710a1
Sha1:   9bbc8df75e87b63dab0d2af1c846907292d6a83d
Sha256: e5ac3dfc6b1c9f4c63a6b8843fe433c5fea4dd1149c1fde96525168cdbb55957

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 00:15:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /wp-content/plugins/wpforo/wpf-assets/js/ajax.js?ver=1.7.2 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 02 Apr 2020 07:05:25 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 7152
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   7152
Md5:    6cb1ea99163c4a748d17c1859d9fa400
Sha1:   18de95f238059b60e488b7efa17998c345c339b8
Sha256: e4fed450fcc6adb6570d88e9f041128a4fc182d7803ff4a15a997cdfbdf8eb2d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /gtm.js?id=GTM-KVKFR6R HTTP/1.1
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 00:15:13 GMT
expires: Wed, 30 Nov 2022 00:15:13 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37732
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   37732
Md5:    2752bec3f3c1115d197cffb94e71eab2
Sha1:   7e8a0f9c8daa39a9e1fbbb05617cf578e0c2d676
Sha256: a6e3d8a245f9202387c26586ba7a28a48e28fc5534224ee0ae0a7bd6ac03f5a1
                                        
GET /wp-content/themes/vmag/js/wow.js?ver=1.1.2 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 08 Aug 2019 12:49:57 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3534
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text
Size:   3534
Md5:    7eefbc21fa285458d23cead878d5bbcd
Sha1:   a25ce4ad8d3d09709f5f383bbf12a7808ed795bd
Sha256: cd49f916767b952475d40023fa6bde488aa93ece6493110d0abe9258cd99407d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-includes/js/wp-embed.min.js?ver=5.3.14 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Wed, 28 Jul 2021 13:19:14 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 743
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391), with no line terminators
Size:   743
Md5:    b146105040f6faa62806b35ad455d121
Sha1:   14aa49ed4f29b666221a8de3fd17f04455f12b15
Sha256: 05f4d51649be6878352af6843f9a5ffc14bb96ca7a02db21a35a14f6a150b004

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-content/themes/vmag/js/vmag-custom.js?ver=1.1.6 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 08 Aug 2019 12:49:57 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1147
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1147
Md5:    f5f606900911f400fef23d6ddf1afb74
Sha1:   1ec811d8fa137872bf951809a2d3a89222315e0f
Sha256: ce660dd6c2ffc4aa58ff9b8d3d4abb61c189a0fb989e7e27208d2861aeefd99f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-content/plugins/wpforo/wpf-themes/classic/widgets.css?ver=1.7.2 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 02 Apr 2020 07:05:25 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2422
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (355), with CRLF line terminators
Size:   2422
Md5:    87ea096060abc3ab4632a49200e02a12
Sha1:   0350f2510a93be0ca7dd31b7ac33e642b04ad893
Sha256: a81fc973ede05189cca5a11b173f46e80c63ad3d978f781b83e88aa45ddee8e2

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.14 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Wed, 28 Jul 2021 13:19:14 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4628
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (10927)
Size:   4628
Md5:    c3b954c5d098c3f9a4d5eb0719139be7
Sha1:   f21136b3532a7387f4b62076e53dc035ee349eb7
Sha256: b1c83515b9a309e472cc69238d63a062edb64ffffdbe8d395fb371ae6be067ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 00:15:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /wp-content/plugins/wpforo/wpf-themes/classic/style.css?ver=1.7.2 HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 02 Apr 2020 07:05:25 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 28355
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (1597), with CRLF line terminators
Size:   28355
Md5:    07ea8d8f34c0c72aed945b1b16525289
Sha1:   bf225ba297233f3a84abf1a1f2c71e8c0e5c0c28
Sha256: 400fbf7a176d26691522c63a9315097090cc95ac0775f89ed8749bcbf31e0f03

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 00:11:13 GMT
cache-control: public,max-age=3600
age: 240
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "6918D97D23CD4A088DB73525562B385019B6036C014EA751A8499CCCA9B1C67A"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18499
Expires: Wed, 30 Nov 2022 05:23:32 GMT
Date: Wed, 30 Nov 2022 00:15:13 GMT
Connection: keep-alive

                                        
GET /wp-content/uploads/2019/10/gisella-anastasia_20170922_191217-320x224.jpg HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Tue, 22 Oct 2019 16:32:55 GMT
Accept-Ranges: bytes
Content-Length: 13933
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 320x224, components 3\012- data
Size:   13933
Md5:    5a47621e65043d2296567ab8b755cbb6
Sha1:   50529af3a5bd5c2ff2ad02c2821b53630903b52b
Sha256: 7b9ed01ceaad41ea592ae107124e49d9a1dc992739be35b7b6ded30d61d48045

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2018/12/dflmfsfsd-320x224.jpg HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Sat, 22 Dec 2018 15:48:41 GMT
Accept-Ranges: bytes
Content-Length: 9011
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 320x224, components 3\012- data
Size:   9011
Md5:    94e59e4ae52032b8db72303cae9283c0
Sha1:   44361e59e34d1e4da3f767e3f3b23cdc462e22f5
Sha256: 831951fd130c174f0c86c7d209a8995f0b4d5d9e3fc2ea09bb3874df26890fe4

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2018/03/NB-1-300x77.png HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 08 Mar 2018 10:33:36 GMT
Accept-Ranges: bytes
Content-Length: 20252
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 300 x 77, 8-bit/color RGBA, non-interlaced\012- data
Size:   20252
Md5:    57deba14ab43708237e5d023e2afd1c0
Sha1:   5b60afaad18f42f6fbe5872724d83fd2f71c9602
Sha256: b322d1235a782411200db78d2b22ab65eecf4ab72b8b33111e955a1e10baf89c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/2018/12/llmfdfsdfs-320x224.jpg HTTP/1.1
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Sat, 22 Dec 2018 15:36:40 GMT
Accept-Ranges: bytes
Content-Length: 10978
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 320x224, components 3\012- data
Size:   10978
Md5:    0c9d93dbb0bdb413e527bd59bb9cd6d3
Sha1:   b9f2e79c59f6b4669e4fa2d89173ab429ba72c40
Sha256: 176d516031748f593349d9a7a8d2ae91576d788bc50f8b728e3e0c6f2c43f51f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wpforo/wpf-assets/images/wpforo-info.png HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 02 Apr 2020 07:05:25 GMT
Accept-Ranges: bytes
Content-Length: 555
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 28 x 28, 8-bit colormap, non-interlaced\012- data
Size:   555
Md5:    2d1cfa2cea7f08ee1ed313f905d73ba0
Sha1:   d1caf04e616da41f1fd073e7588c66da05072bf3
Sha256: 3e0e5a4a83b46efd66ddba24629b5df4dd4488557e9cb822c9e91d100185aafd

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2018/03/cropped-NB.png HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Thu, 08 Mar 2018 10:32:53 GMT
Accept-Ranges: bytes
Content-Length: 26289
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 348 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size:   26289
Md5:    7c032aabc56beaa04bcb0a11afac64c4
Sha1:   dc175d1f5fe3d73d4e6cf6db9691e7fa0233acee
Sha256: 03c47db47edba3a276dd44b62bd93f41d00c002221e8facecc09970c5089163b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 5905
Cache-Control: public, max-age=1209600
Date: Wed, 30 Nov 2022 00:15:14 GMT
Etag: "63866b9a-37"
Last-Modified: Tue, 29 Nov 2022 20:29:14 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET /widget-send-button/js/init.js HTTP/1.1 
Host: static.getbutton.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/

                                         95.216.228.15
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx/1.16.0
Date: Wed, 30 Nov 2022 00:15:14 GMT
Content-Length: 145
Connection: keep-alive
Location: https://static.getbutton.io/widget/bundle.js


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   145
Md5:    7938fc116951d02bc261f707297cf915
Sha1:   c7f2a9311468d25830f39a6e280e22cc871149ca
Sha256: a7a0cbe25a887e612a079e22a6b8bee676d68530d19ddf883a19088768f6f464
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://135.148.164.91
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 21:13:25 GMT
Expires: Thu, 23 Nov 2023 21:13:25 GMT
Cache-Control: public, max-age=31536000
Age: 529309
Last-Modified: Wed, 11 May 2022 19:24:48 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://135.148.164.91
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15920
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 21:14:50 GMT
Expires: Thu, 23 Nov 2023 21:14:50 GMT
Cache-Control: public, max-age=31536000
Age: 529224
Last-Modified: Wed, 11 May 2022 19:24:45 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://135.148.164.91
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 19:26:02 GMT
Expires: Tue, 28 Nov 2023 19:26:02 GMT
Cache-Control: public, max-age=31536000
Age: 103752
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "27C30431AEBF14A9DC134881CC55ABBBA3E4AB1FF6D7C1D2E9DDF8D3E2DC592D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18798
Expires: Wed, 30 Nov 2022 05:28:32 GMT
Date: Wed, 30 Nov 2022 00:15:14 GMT
Connection: keep-alive

                                        
                                            GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://135.148.164.91
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17820
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 02:44:16 GMT
Expires: Wed, 29 Nov 2023 02:44:16 GMT
Cache-Control: public, max-age=31536000
Age: 77458
Last-Modified: Mon, 15 Aug 2022 18:13:12 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Size:   17820
Md5:    3d5107abaf7bf4df5478bd04625c0929
Sha1:   b04d394caabf6ea3e500b74781dc2bfd54f3c18d
Sha256: 9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
                                        
                                            GET /wp-content/uploads/2019/03/Ilustrasi-film-superhero-di-tahun-2019-@CBR-320x224.jpg HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:13 GMT
Last-Modified: Fri, 15 Mar 2019 09:07:13 GMT
Accept-Ranges: bytes
Content-Length: 22878
Date: Wed, 30 Nov 2022 00:15:13 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 320x224, components 3\012- data
Size:   22878
Md5:    b365a1742ae30a16de0126d7b04850f5
Sha1:   1a755577bbf7d42e8736b7912ddf85d23203ed31
Sha256: b103dec45c1c519b815dd935fc274e09ebbccc71c61231f08376149d7ed28922
                                        
                                            GET /wp-content/uploads/2018/12/dsfnldmfsd-320x224.jpg HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:14 GMT
Last-Modified: Sat, 22 Dec 2018 15:55:47 GMT
Accept-Ranges: bytes
Content-Length: 11129
Date: Wed, 30 Nov 2022 00:15:14 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 320x224, components 3\012- data
Size:   11129
Md5:    5dc15ac296b6a2d6591725defeb71aab
Sha1:   b9c9eac217c9d4ae337903476ab2ca4eec85dedc
Sha256: 459dbe971b3a380c1afc3fc935316ec47ffb3eea2b33859e90ea4187176e2098

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wpforo/wpf-assets/css/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://135.148.164.91/wp-content/plugins/wpforo/wpf-assets/css/font-awesome/css/fontawesome-all.min.css?ver=5.11.2

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:14 GMT
Last-Modified: Thu, 02 Apr 2020 07:05:25 GMT
Accept-Ranges: bytes
Content-Length: 13584
Date: Wed, 30 Nov 2022 00:15:14 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13584, version 330.32636\012- data
Size:   13584
Md5:    f5f2566b93e89391da4db79462b8078b
Sha1:   be142af0f56062f6e864de121b98054c7b5954fd
Sha256: 0fc0a22e5e67c95d02c389a1454acc67df53e2f6a46af739f3eac7e352644751

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-admin/admin-ajax.php?postviews_id=14&action=postviews&_=1669767312904 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN,SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
X-LiteSpeed-Cache-Control: no-cache
Content-Length: 27
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Wed, 30 Nov 2022 00:15:14 GMT
Server: LiteSpeed
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   27
Md5:    ea12047baf17e994b1d0ce6c26f72218
Sha1:   24e18bf0e4496a2acb197e14a26f2d4cc2b86d48
Sha256: 38ae87c81e3221c482dd1a725ff9a460609df3e27a3242ecd1bcf9995ef8bc0f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CD400E3788096655A47A0805FB0550E7DA38BF3730483BAC6E125F306F3B5969"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8904
Expires: Wed, 30 Nov 2022 02:43:38 GMT
Date: Wed, 30 Nov 2022 00:15:14 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/plugins/wpforo/wpf-assets/css/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://135.148.164.91/wp-content/plugins/wpforo/wpf-assets/css/font-awesome/css/fontawesome-all.min.css?ver=5.11.2

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:14 GMT
Last-Modified: Thu, 02 Apr 2020 07:05:25 GMT
Accept-Ranges: bytes
Content-Length: 75728
Date: Wed, 30 Nov 2022 00:15:14 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 75728, version 330.32636\012- data
Size:   75728
Md5:    44d537ab79f921fde5a28b2c1636f397
Sha1:   b2879f9e1d0985a96842bf7f55a2b2cc4c636d04
Sha256: 3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/vmag/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://135.148.164.91/wp-content/themes/vmag/css/font-awesome.css?ver=4.5.0

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:14 GMT
Last-Modified: Thu, 08 Aug 2019 12:49:57 GMT
Accept-Ranges: bytes
Content-Length: 66624
Date: Wed, 30 Nov 2022 00:15:14 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size:   66624
Md5:    db812d8a70a4e88e888744c1c9a27e89
Sha1:   638c652d623280a58144f93e7b552c66d1667a11
Sha256: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /widget/bundle.js HTTP/1.1 
Host: static.getbutton.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://135.148.164.91/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         95.216.228.15
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.16.0
Date: Wed, 30 Nov 2022 00:15:14 GMT
Last-Modified: Wed, 16 Nov 2022 07:07:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63748c32-4a576"
Expires: Wed, 30 Nov 2022 03:15:14 GMT
Cache-Control: max-age=10800
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65475)
Size:   94215
Md5:    d8cd247eabac0219996f3e07e4a9a211
Sha1:   bf8835bf60ec200dbdb7498c9c0e68d42f1c6030
Sha256: 7ba300201e1d30489a65dda4a1c35e25d6281b47d064d37a843892e138849b3e
                                        
                                            GET /wp-content/plugins/wpforo/wpf-assets/css/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://135.148.164.91/wp-content/plugins/wpforo/wpf-assets/css/font-awesome/css/fontawesome-all.min.css?ver=5.11.2

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:14 GMT
Last-Modified: Thu, 02 Apr 2020 07:05:25 GMT
Accept-Ranges: bytes
Content-Length: 75336
Date: Wed, 30 Nov 2022 00:15:14 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 75336, version 330.32636\012- data
Size:   75336
Md5:    cccc9d29470e879e40eb70249d9a2705
Sha1:   5fe986cda635681b4b6bbd6111df2f26d7fca286
Sha256: d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: elLgT9Y8IrVCXMArbxf3/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         54.203.75.56
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fryRx4AJfiOggFoVGlcKYRmb8bs=

                                        
                                            GET /ads/alds.php?kat=3bokep&referer=http%3A%2F%2F135.148.164.91%2Fforums%2Fprofile%2Fambroseorsini90%2F HTTP/1.1 
Host: bebasads.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://135.148.164.91
Connection: keep-alive
Referer: http://135.148.164.91/

                                         172.67.180.1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 30 Nov 2022 00:15:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.8
Vary: Accept-Encoding
X-Turbo-Charged-By: LiteSpeed
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1n%2BPTim5Kum1i9ULIg1C0cI9d9YSv7KeM5mScSCU68wpSBsd0TT8WINKCH9gNHFti9S17o290V24wO06l2qGq%2BXhOWPi76fRgTqAACs4CibFBLB1fi612Xu0Wbgs0Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771f6331080ab4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   219
Md5:    9e5e16b141795d3ca87f06a6cb12c457
Sha1:   7c9361af166730d4ba0b157826bf0594148ca527
Sha256: fed2682aae273fe7812cb311690f7b3f99dab1400fa199861037e111e4b75507
                                        
                                            GET /ads/alds.php?kat=3bokep&referer=http%3A%2F%2F135.148.164.91%2Fforums%2Fprofile%2Fambroseorsini90%2F HTTP/1.1 
Host: bebasads.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://135.148.164.91
Connection: keep-alive
Referer: http://135.148.164.91/

                                         172.67.180.1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 30 Nov 2022 00:15:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.8
Vary: Accept-Encoding
X-Turbo-Charged-By: LiteSpeed
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SNmGuGZO7h1jmBEB2sX44JdEMxREr1MxRoWD0LFeY6u0bUFGaYS0Wj6Sad4dezuzZoHwLkmwxEiHOh41NS3uEzwgvNmo%2F1mVyEAVqtVlRILvS4NRlnQ99i8f%2F0599I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771f63310c91b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   208
Md5:    54665a49909cdd052e4383c098551e18
Sha1:   612ab653d52e1a4663b79c7e4baa629f003b00c3
Sha256: dda8092efa6b4594a3104bae9f8195605c14dbcac53ac7412bebf82a787e70e3
                                        
                                            GET /ads/alds.php?kat=3bokep&referer=http%3A%2F%2F135.148.164.91%2Fforums%2Fprofile%2Fambroseorsini90%2F HTTP/1.1 
Host: bebasads.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://135.148.164.91
Connection: keep-alive
Referer: http://135.148.164.91/

                                         172.67.180.1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 30 Nov 2022 00:15:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.8
Vary: Accept-Encoding
X-Turbo-Charged-By: LiteSpeed
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qrOFonEesopG3GF3XByeEwgqXkBcZ6URtpUcGI2mocAUDeN1m7lZJ%2Bj6nRUByM5hdOE2X%2FpqIFsOxGAh8YVwLZ3GN5MFQbMsMF6yYw5cxdumVHBdBWsQSOgIJ3KQbk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771f633108bdb506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   218
Md5:    0029af11e066a3fa82b694e0c2b4ce1f
Sha1:   5107fcc4c1bdbd429213f742c483f9a0ef1c6a72
Sha256: 6b10025720fc66a0194651472c3eaa1d0d9876f45c536185743abe269f315c89
                                        
                                            GET /wp-content/uploads/2019/10/Erina-1.jpg?lm=1669608177 HTTP/1.1 
Host: dollwives.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.26.14.4
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 30 Nov 2022 00:15:14 GMT
content-length: 47957
last-modified: Wed, 11 Dec 2019 17:46:56 GMT
etag: "5df12b90-bb55"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Bq9s7aa2wi2tQxpuMBaltwxGSZ684XPuU7ahiVGdUnenzM3DLOXByULpcOdUdCgVDCJqN8cM5PA7j8Q6Z82hk02zIfH2eITt9DOUQxgbtQT0F4ddKQxZ797AZlfzV4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771f63303b59b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 595x893, components 3\012- data
Size:   47957
Md5:    227446887386f3a2d3e2b8ef43a180b2
Sha1:   c0258fec8ce9b7e72e363a816001a75907cdadee
Sha256: 808336c19d8c7aa8f7e8fe12d65eccdd5178d1c285014d3682df2eb6daa91661
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 00:15:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2019/10/Hina-1.jpg HTTP/1.1 
Host: dollwives.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.26.14.4
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 30 Nov 2022 00:15:14 GMT
content-length: 53341
last-modified: Wed, 11 Dec 2019 17:46:57 GMT
etag: "5df12b91-d05d"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFo51Oq3yGPSHTo8A3x7HZuxFwxYK9aybzCx4XKmW%2Fsqgk4efOaSowYh2JMXEQokBpsbx9Idpn0Ad9KpKGmtwwpG7v9hTqDpM2Iq6KX%2Fs7qR%2BIM6xlsZYOf%2FsRxF35g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771f6330dbc1b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 595x893, components 3\012- data
Size:   53341
Md5:    fb2b05277180ed16d9f63956dbc6cd27
Sha1:   a68c6f912d49e0347ca511ead766f77e5d05c80b
Sha256: 3657db539c5f923291396b93fad564b044708df6ef4ff1ae44c28cadee5d1129
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 00:15:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 00:15:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /-223ZjUVnLaU/YQha6GMfgRI/AAAAAAAAMIY/2-c76nqdE4obwl-9qkWLlEK_dQqS6JaPgCLcBGAsYHQ/s300/JAVCROT.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.161
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="JAVCROT.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 36734
x-xss-protection: 0
date: Tue, 29 Nov 2022 20:22:46 GMT
expires: Wed, 23 Nov 2022 16:17:02 GMT
cache-control: public, max-age=86400, no-transform
age: 13948
etag: "v308d"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x250, components 3\012- data
Size:   36734
Md5:    2cbc00ad642eddb1afbaa73ae3c9d4df
Sha1:   6a346801ed200d1f47d0c9ceb05c17b909909101
Sha256: d871949331dc7ea075da50a69dea6cf3b6ecf15adee8b1d0e4e38bd5003f351d
                                        
                                            GET /-SHU8F_YJHB4/YQha6jYySVI/AAAAAAAAMIc/8ANJjmOyWKEpdzWceA-IjLdBMm5BzVVLACLcBGAsYHQ/s300/MEMEKRAPET.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.161
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="MEMEKRAPET.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 33806
x-xss-protection: 0
date: Tue, 29 Nov 2022 23:53:52 GMT
expires: Wed, 30 Nov 2022 23:53:52 GMT
cache-control: public, max-age=86400, no-transform
etag: "v308e"
age: 1282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x250, components 3\012- data
Size:   33806
Md5:    96ebba6c4facece9c5ce7e16a4f421b0
Sha1:   7cc97123b11e4d15712998f78f00f939aebdc503
Sha256: 658b9b3586626c869f21113c1ee2d07084de03e823804f874dff8715f7c2e4b5
                                        
                                            GET /-1pJaqUq8cLI/YQha62W3DrI/AAAAAAAAMIk/M3vcWH86hn4dmYuHJF0tt4mbWctqNG3QACLcBGAsYHQ/s300/VIDEOBOKEPEROPA.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.161
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="VIDEOBOKEPEROPA.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 38529
x-xss-protection: 0
date: Wed, 30 Nov 2022 00:15:14 GMT
expires: Sat, 26 Nov 2022 19:21:23 GMT
cache-control: public, max-age=86400, no-transform
etag: "v308d"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 300x250, components 3\012- data
Size:   38529
Md5:    83c1fc4ecfb1ae09b629a4cbbd6878e6
Sha1:   a93349d700fbbce36416aa0245a30f3c307dffb8
Sha256: a7073fbb7802a83d2e8bd2ab1710c0cf209d33b7600a4379baee6155fce195d8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 00:15:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /en_US/sdk.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/

                                         31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: a8e0e9feb1e48000676d25f6af70e016
ETag: "d9ed4c3715e1852bc23110cc167100d2"
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Wed, 30 Nov 2022 00:25:49 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: TnHACtfKWXVWS+Mi0IaolA==
X-FB-Debug: SNcLdlLWBcaunPXUqRDv5Qmi3WmHYKEXemqgcwxyPCEvyz+2/hfYB/YwvuIjGIPB7bvk9m8vX7J5jfAcvCJa0w==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Wed, 30 Nov 2022 00:15:14 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1687


--- Additional Info ---
Magic:  ASCII text, with very long lines (1957)
Size:   1687
Md5:    4e71c00ad7ca5975564be322d086a894
Sha1:   98a8419449589060136853b9154a8608786f75dc
Sha256: 044a1db2171062ea8ccb88e36eaae91c34929536bc5e6160e5ffb4759f7bf5c8
                                        
                                            GET /widgets.js HTTP/1.1 
Host: platform.twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         192.229.233.25
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 305
Cache-Control: public, max-age=1800
Date: Wed, 30 Nov 2022 00:15:14 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (33915)
Size:   29221
Md5:    7899fffaf0046efb7f9be2495d9dc928
Sha1:   d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
Sha256: 07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         216.239.32.178
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 22:41:08 GMT
expires: Wed, 30 Nov 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 5646
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /js15_as.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/

                                         46.105.201.240
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 30 Nov 2022 00:06:35 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 580976756
etag: W/"-375139978"
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4547
x-iplb-request-id: 5B5A2A9A:1AA2_2E69C9F0:0050_6386A092_0145:1F1F1
x-iplb-instance: 42474


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11440), with no line terminators
Size:   4547
Md5:    2b153cb2287eac49566b32fce9c385f8
Sha1:   206074b038daff8bc66d86bca0c5ff35f9f72655
Sha256: 7398435bd3f0dae8206173dd66954ae029dc8787962d5f089bcb548f53409869
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5764
Cache-Control: max-age=125476
Date: Wed, 30 Nov 2022 00:15:14 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 11:06:30 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/2018/03/cropped-NB-ICON-32x32.png HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:14 GMT
Last-Modified: Thu, 08 Mar 2018 10:36:40 GMT
Accept-Ranges: bytes
Content-Length: 1842
Date: Wed, 30 Nov 2022 00:15:14 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1842
Md5:    2089b06fe3794c95314fb62de2b13512
Sha1:   cc9207bf55fc68291a0a09785625b7474cdb3df7
Sha256: 2dd581abcea902dead3fcf9fb434502171211b0bd906d1e73fae643a2d1e75ee

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2018/03/cropped-NB-ICON-192x192.png HTTP/1.1 
Host: 135.148.164.91
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/forums/profile/ambroseorsini90/

                                         135.148.164.91
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 07 Dec 2022 00:15:14 GMT
Last-Modified: Thu, 08 Mar 2018 10:36:39 GMT
Accept-Ranges: bytes
Content-Length: 28070
Date: Wed, 30 Nov 2022 00:15:14 GMT
Server: LiteSpeed
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   28070
Md5:    bab17bdb1becf09fe5b86d0ed109ac37
Sha1:   fbefab99e056541156d850f2fa4c46b0e1a88f5b
Sha256: d6ebab0a74a00effbf7d94e642e17d2bed1b80d920bbdc3885486cf8775b95d1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /en_US/sdk.js?hash=b7397c124ad70e4587f83f47006a6ad7 HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://135.148.164.91
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ec8cf32304c7504ecfeeeec42392cf22
etag: "273d85883b2d63fccff7f7c613d25299"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 29 Nov 2023 22:11:50 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: fdP4P+9NKCF5COsPSvmXzg==
x-fb-debug: HgZeLP9t7MMXDG9HioILZQVuFYjuZ+TWn73UH1wbsfpsJbPbhezkVk1zPO+bvRySiwfGM7OPML5FSRZrcbTlLw==
content-length: 86894
x-fb-trip-id: 2074150462
date: Wed, 30 Nov 2022 00:15:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13192)
Size:   86894
Md5:    7dd3f83fef4d28217908eb0f4af997ce
Sha1:   16727d8b2cd2b4b4b79cf74d115cd0c1f972b8ac
Sha256: 380730be0c72ecb307ef58f709d8c09d6be8227c68a0b028f768e37710eea5eb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1303
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 00:15:14 GMT
Last-Modified: Tue, 29 Nov 2022 23:53:31 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "815B297511094288F745F230C7F3CB097F8F823C9CF67DE63713AECEAF98D356"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10392
Expires: Wed, 30 Nov 2022 03:08:27 GMT
Date: Wed, 30 Nov 2022 00:15:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3369
Cache-Control: max-age=107240
Date: Wed, 30 Nov 2022 00:15:15 GMT
Etag: "63859352-139"
Expires: Thu, 01 Dec 2022 06:02:35 GMT
Last-Modified: Tue, 29 Nov 2022 05:06:26 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /settings?session_id=c0cc48158d1abbbdfa96aa8fc92872645e01e2b5 HTTP/1.1 
Host: syndication.twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         104.244.42.136
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 30 Nov 2022 00:15:14 GMT
perf: 7626143928
vary: Origin
server: tsa_o
cache-control: must-revalidate, max-age=600
last-modified: Wed, 30 Nov 2022 00:15:15 GMT
content-length: 374
content-encoding: gzip
x-transaction-id: d1c96a3a244832a4
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 108
x-connection-hash: a33645f25a65d6fc84b8c12665c769575a5e52b4cae6133d853f8a2cf41ada28
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (913), with no line terminators
Size:   374
Md5:    925c2a7587f39436ea29513221652474
Sha1:   695b7f2f3d99f407bcdfd0b372db0e28193cc60c
Sha256: 62e36e14e5c219119cb51c3cdf43a2005512a1bd6ebf2d68d0c610a2e6e3ef0f
                                        
                                            GET /stats/0.php?4295219&@f16&@g1&@h1&@i1&@j1669767313900&@k0&@l1&@mTime-tested%20Ways%20To%20Sexdoll%20Sale%20Your%20Customers%20%E2%80%93%20Profile%20%E2%80%93%20Forum%20Ngentot%20Bareng&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-116814046&@b3:1669767314&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F135.148.164.91%2Fforums%2Fprofile%2Fambroseorsini90%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.27
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Wed, 30 Nov 2022 00:15:15 GMT
Content-Length: 47
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   47
Md5:    06b05ae9614bafae9b0b09cfbeed559e
Sha1:   9b087683529b7b89a117b2d5cbb35a93e7dcbaca
Sha256: a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
                                        
                                            GET /in.js HTTP/1.1 
Host: platform.linkedin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/

                                         95.101.11.57
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Server: Play
Expires: Wed, 30 Nov 2022 00:20:46 GMT
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Length: 163354
X-Li-Fabric: prod-ltx1
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
NEL: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Li-Pop: prod-ltx1-x
X-LI-Proto: http/1.1
X-LI-UUID: AAXupDzVjzOeJ2Qcazg+TA==
Date: Wed, 30 Nov 2022 00:15:15 GMT
Connection: keep-alive
Vary: Accept-Encoding
X-CDN-CLIENT-IP-VERSION: IPV4
X-CDN: AKAM


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (41594)
Size:   163354
Md5:    264a36ec205459da4b46907ac1df8165
Sha1:   0ac112e6c033fc5cf6112c7ebb092550b17e6538
Sha256: 11b2926550f825100d3e7a37dcdfa15eecb16498d201a4f98147cdbfe6ba2dcb
                                        
                                            GET /en_US/all.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/

                                         31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 4cbae51522e1b4ece9151ee1c53496e7
ETag: "c8c4c661bea40b3d1ff730dcd5762c20"
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Wed, 30 Nov 2022 00:16:18 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: SThMHBot8+h4XzW8GtxfSw==
X-FB-Debug: X1YIQugugmd4eNQ+nu+hF0UjnMESpVp8BhoQiCPOC/pLYh2P1Zs+LiXXkatRAFmcWPzMKHeMCBoB0GZVwh3wKA==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Wed, 30 Nov 2022 00:15:15 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1686


--- Additional Info ---
Magic:  ASCII text, with very long lines (1957)
Size:   1686
Md5:    49384c1c1a2df3e8785f35bc1adc5f4b
Sha1:   42acd2b6106bc8f0d69cf6261365aac6cda9be60
Sha256: b1a58c36ef4ad5e42b483c0af45bb4aec6b4b818f5b03995cf33e7de37c8e3ae
                                        
                                            GET /widgets.js HTTP/1.1 
Host: platform.twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/

                                         192.229.233.25
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1476
Cache-Control: public, max-age=1800
Date: Wed, 30 Nov 2022 00:15:15 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (33915)
Size:   29221
Md5:    7899fffaf0046efb7f9be2495d9dc928
Sha1:   d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
Sha256: 07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
                                        
                                            GET /js/pinit.js HTTP/1.1 
Host: assets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://135.148.164.91/

                                         2.18.172.195
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
ETag: "82bfd941d2c9b3b9e0650a27c9d11737"
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 290
Cache-Control: max-age=217
Connection: keep-alive
Vary: Accept-Encoding, Origin
X-CDN: akamai
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (361), with no line terminators
Size:   290
Md5:    82bfd941d2c9b3b9e0650a27c9d11737
Sha1:   2eb742a101e79067c9df4d15b518bde85e8eeb2e
Sha256: 3f6e9b85ad3ee165ec6c9587d98d2a43588f7ba0f63d31ad019a0d4cbfd3f3d1
                                        
                                            GET /js/pinit_main.js?0.26762881761296886 HTTP/1.1 
Host: assets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         2.18.172.195
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
accept-ranges: bytes
content-length: 18679
cache-control: max-age=254
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32016)
Size:   18679
Md5:    3725764cf05d1a0938de73d398772331
Sha1:   abdc742d760ca9c8f28c8d44ca9796d9ad6c0bc7
Sha256: f8c41f2f59fc9e9d088bc9002eef583c3cf256b4cd371619b18107b4abd92812
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 00:15:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         172.217.21.174
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:33:12 GMT
expires: Wed, 29 Nov 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 38523
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (580)
Size:   51072
Md5:    a5aeb8dce52dc81116cc434ff43d3f63
Sha1:   c74721ddc9b87ba5a9deb2a361f44c9293f928b7
Sha256: 333fbf33d55990f58551357644398b7b571c25cd56bc25ad3ea7270571f96118
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7291
Expires: Wed, 30 Nov 2022 02:16:46 GMT
Date: Wed, 30 Nov 2022 00:15:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7291
Expires: Wed, 30 Nov 2022 02:16:46 GMT
Date: Wed, 30 Nov 2022 00:15:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7291
Expires: Wed, 30 Nov 2022 02:16:46 GMT
Date: Wed, 30 Nov 2022 00:15:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7291
Expires: Wed, 30 Nov 2022 02:16:46 GMT
Date: Wed, 30 Nov 2022 00:15:15 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 00:15:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11466
x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHUxIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G2_x26WJ_ISQDsWfV3RzC_jCy5FLNLpblRk_GvuCn4i-ETBAsaKBjQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 8550
etag: "49a82390cbf2139bf681d896f9467ab736e0b337"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11466
Md5:    0c14828912decf19c9d95fee93e92f00
Sha1:   49a82390cbf2139bf681d896f9467ab736e0b337
Sha256: bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 8544
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2F135.148.164.91 HTTP/1.1 
Host: platform.twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         192.229.233.25
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2339661
Cache-Control: public, max-age=315360000
Date: Wed, 30 Nov 2022 00:15:14 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445


--- Additional Info ---
Magic:  data
Size:   9051
Md5:    05196ec43964cf559caa0c0279148d62
Sha1:   6170d6776615503e3e29f86783febc3e3e78ca66
Sha256: 47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
age: 7589
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5785
Md5:    59baec8db5ced0210ab766ea5636a5fd
Sha1:   f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
Sha256: 33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
age: 7103
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10958
Md5:    777ce44582c70bf01a31da4cab366f36
Sha1:   57e1d34f146d5ccd9943aa97bcc3158f7103bb07
Sha256: fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:58:15 GMT
age: 8220
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7971
Md5:    9e135c29a8769eb12ef8c26f99097400
Sha1:   87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
Sha256: ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
                                        
                                            GET /?type=pidget&guid=ca3x_Jd7N5gi&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=http%3A%2F%2F135.148.164.91%2Fforums%2Fprofile%2Fambroseorsini90%2F&viaSrc=canonical HTTP/1.1 
Host: log.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://135.148.164.91/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.0.84
HTTP/2 200 OK
                                        
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 1
server: envoy
x-pinterest-rid: 1220997077631486
accept-ranges: bytes
date: Wed, 30 Nov 2022 00:15:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1639-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669767317.581248,VS0,VE41
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2