r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11254
Expires: Tue, 08 Nov 2022 23:01:26 GMT
Date: Tue, 08 Nov 2022 19:53:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5014
Cache-Control: max-age=144053
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 19:53:52 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:54:45 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www-soundtaxi.com/drmbuster.exe
144.172.88.163301 Moved Permanently 0 B URL HTTP/1.1 www-soundtaxi.com/drmbuster.exe
IP 144.172.88.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /drmbuster.exe HTTP/1.1
Host: www-soundtaxi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Server: nginx
Location: http://www.www-soundtaxi.com/drmbuster.exe
Content-Type: text/html
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18008
Expires: Wed, 09 Nov 2022 00:54:00 GMT
Date: Tue, 08 Nov 2022 19:53:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eoVYQmtD7CnYJCSnKUZofw9fBpdP7c22ZroVaPGt96QgCB/1Gm8NeZTBJTFz88xpEmIAl8ZP+H8=
x-amz-request-id: N1567HZPYBY2JXPZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 19:48:38 GMT
age: 314
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 19:53:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.www-soundtaxi.com/drmbuster.exe
144.172.88.163200 OK 799 B URL HTTP/1.1 www.www-soundtaxi.com/drmbuster.exe
IP 144.172.88.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash f52b483e0ab7cab4bb3f001ea41dacb4
b1f8ce24d23090bc148965ca0e5ea5eb85ae1f50
94127062ba43a3135dbf8c45ac8fbf0e12267580e53b47e6ab21f361f7b473d1
GET /drmbuster.exe HTTP/1.1
Host: www.www-soundtaxi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 19:53:44 GMT
Content-Length: 799
Content-Type: text/html
Server: nginx
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5252
Cache-Control: max-age=139226
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 19:53:52 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:34:18 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.181.160101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.181.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MWN7BHMYTL4m2/NqQ7HG4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mpfv9Jn0akyl2aihkuZvSp9byeo=
www.www-soundtaxi.com/common.js
144.172.88.163200 OK 4.0 kB URL HTTP/1.1 www.www-soundtaxi.com/common.js
IP 144.172.88.163:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (466), with CRLF line terminators
Hash cf71c39ce2ac643f86289d26b2cf5554
eb23cb7e30df2fdeec0256e2a2fa1ed24366231f
4c7bf0ab99ed8e1fc2a0af9501ce6307c7dbda5da9eabb07e0538139fec86d7b
GET /common.js HTTP/1.1
Host: www.www-soundtaxi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.www-soundtaxi.com/drmbuster.exe
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 19:53:44 GMT
Content-Length: 3981
Content-Type: application/x-javascript
Server: nginx
www.www-soundtaxi.com/tj.js
144.172.88.163200 OK 19 kB URL HTTP/1.1 www.www-soundtaxi.com/tj.js
IP 144.172.88.163:0
File type ASCII text, with very long lines (17702), with CRLF line terminators
Hash 868dd8ea0ccc4394d4c174bb9f92bdd7
f05b9ce89538f761f079490d66a342735e7e53e8
a76f911997ffa936f7e92701a61e5f5aff0fd978d24021c4f9b4a302a9609909
GET /tj.js HTTP/1.1
Host: www.www-soundtaxi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.www-soundtaxi.com/drmbuster.exe
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 19:53:44 GMT
Content-Length: 18894
Content-Type: application/x-javascript
Server: nginx
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ca8e0bc2ff8c892480f0ac14f4650974
8c71e9029bb837951b063cc21f4e0581b72b3823
c99772958a2d8bccce85f35f228ea96116f9f2ac4b925820a192d74179a1a22a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C99772958A2D8BCCCE85F35F228EA96116F9F2AC4B925820A192D74179A1A22A"
Last-Modified: Tue, 08 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17703
Expires: Wed, 09 Nov 2022 00:48:56 GMT
Date: Tue, 08 Nov 2022 19:53:53 GMT
Connection: keep-alive
www.www-soundtaxi.com/favicon.ico
144.172.88.163200 OK 799 B URL HTTP/1.1 www.www-soundtaxi.com/favicon.ico
IP 144.172.88.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash f52b483e0ab7cab4bb3f001ea41dacb4
b1f8ce24d23090bc148965ca0e5ea5eb85ae1f50
94127062ba43a3135dbf8c45ac8fbf0e12267580e53b47e6ab21f361f7b473d1
GET /favicon.ico HTTP/1.1
Host: www.www-soundtaxi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.www-soundtaxi.com/drmbuster.exe
Cookie: __tins__21272593=%7B%22sid%22%3A%201667937230389%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201667939030389%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 19:53:45 GMT
Content-Length: 799
Content-Type: text/html
Server: nginx
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18150
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 19:53:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18150
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 19:53:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18150
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 19:53:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18150
Expires: Wed, 09 Nov 2022 00:56:24 GMT
Date: Tue, 08 Nov 2022 19:53:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37802736d42529da1237e5d89e253928
6f246d25b36dc880489f3af2ae8767a0f5f2542b
b21622ee7e858a4508096480ec3ffba824e96d469b0fcfa0f6daaabad296fd40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12165
x-amzn-requestid: 7baae03c-2e22-477c-9c14-d21a26469b47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAvEFHdIAMF_XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b2d-2edb1d9722872b1166a5b085;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:39:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1QlljbC_YBobvvYSxTH2jH4a4kZAK8Am-k6CNxJrLIm1TY1gbfP1gg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:40 GMT
age: 79874
etag: "6f246d25b36dc880489f3af2ae8767a0f5f2542b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b64fcd58491917edfc8ffb57c1382cd0
edf97aab58dacd11fa52924b1382c2bf1ede5e55
a2c60a2f7780085b4643ab7f521fb6c858ca72c3170e6f3acd2250b9c3b14cc5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12662
x-amzn-requestid: edaa58fb-c3eb-4af0-ad32-be8c7cf14421
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKLHSBoAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a40-4c35cd455ff7a829756eeb56;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FjjrCP8dJDZrk38J0SqWxN2Ya4O3-hcO_uW5ULwOQTREh4-MU_szA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 80033
etag: "edf97aab58dacd11fa52924b1382c2bf1ede5e55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d22d633d497f2e25eab580a648c05434
8e549621e4182a257895a03db93e786bd86072a5
2263e6c2417c5a40885359d93939febbb9e94cef1c598b7ef95069d50275bf28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5978
x-amzn-requestid: e4cff3d7-86a7-44a8-8858-7c893c19e76c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAVFHdWIAMFQZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a86-60d1a8250e0017a3574a6642;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:37:10 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qSguV2gfEtxsoWSMifxQEbIAAqhUDgVom0IWauJEIrFoMA5f17J-GA==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:26 GMT
age: 79888
etag: "8e549621e4182a257895a03db93e786bd86072a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQBFkEhLIAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:49:14 GMT
age: 79480
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7884b85a4b30e918a0b44f73a301a78b
f7ae1b83a0199b76dd0d31a21db4072b867e4f37
9576f9ad95c958887de953dee72b267cd0ed7293ed62fb540df76a2d49fac035
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4527
x-amzn-requestid: c3be9447-c43a-48d6-9aef-c0999742886c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1GFN5IAMFaRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b53-3bb315de52dcf6114da9ad05;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _nFA59k8ERwiA6Ct_pZJs0WkFuagosyyiOkeQc1PuWMcno-Lpz4UfA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:39 GMT
etag: "f7ae1b83a0199b76dd0d31a21db4072b867e4f37"
content-type: image/jpeg
age: 79875
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 48353
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 719010f8ec37e2c29f809986147c5bb9
6c97864455c08c318e0c04785a6978a013bad2d5
4b2bd1041130ca20883273c442515fe3ae7ed33f2c2fffe08c9e730f226c0227
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B2BD1041130CA20883273C442515FE3AE7ED33F2C2FFFE08C9E730F226C0227"
Last-Modified: Tue, 08 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21531
Expires: Wed, 09 Nov 2022 01:52:46 GMT
Date: Tue, 08 Nov 2022 19:53:55 GMT
Connection: keep-alive
gg5.ui9hhx8n.world/js/jquery.js
202.79.173.114200 OK 1.9 kB URL HTTP/2 gg5.ui9hhx8n.world/js/jquery.js
IP 202.79.173.114:0
ASN #64050 BGPNET Global ASN
Hash c5f9e36b0102432a2148c2d33963d9a3
b3eb4c635a9eddeb5c99a913d94b8a6433373943
712d9e4ff7c443070b96b9d6a9faee2bed23c3efaac6bee0ef540a75a35144b4
GET /js/jquery.js HTTP/1.1
Host: gg5.ui9hhx8n.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gg5.ui9hhx8n.world/1667937440.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 08 Nov 2022 19:53:55 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 07:35:02 GMT
vary: Accept-Encoding
etag: W/"61cabe26-109b"
expires: Wed, 09 Nov 2022 04:06:04 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
via: f09-13u
cdn-cache: HIT
X-Firefox-Spdy: h2
gg5.ui9hhx8n.world/js/jquery.min.js
202.79.173.114200 OK 36 kB URL HTTP/2 gg5.ui9hhx8n.world/js/jquery.min.js
IP 202.79.173.114:0
ASN #64050 BGPNET Global ASN
Hash 5eab393eecee92dae74a23a9b9ca2eef
01530f33ffd028b77562e1a33685708fb8b40339
e91e183764ef5798dbc27acd455ef8181b72cb7b9117b44789fc2f83827c4caa
GET /js/jquery.min.js HTTP/1.1
Host: gg5.ui9hhx8n.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gg5.ui9hhx8n.world/1667937440.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 08 Nov 2022 19:53:55 GMT
content-type: application/javascript
last-modified: Wed, 20 Oct 2021 13:00:00 GMT
vary: Accept-Encoding
etag: W/"617012d0-15d84"
expires: Wed, 09 Nov 2022 04:37:59 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
via: f09-13u
cdn-cache: HIT
X-Firefox-Spdy: h2
uu.dumtblqa.life/static/js/index.b726006f.js
202.79.173.114200 OK 35 kB URL HTTP/2 uu.dumtblqa.life/static/js/index.b726006f.js
IP 202.79.173.114:0
ASN #64050 BGPNET Global ASN
Hash f1addbb02357748ae6077af10aa80956
76f7cbca8d74d041e8c1a41f5d3c6a1b9cab9c94
37e517046b56295b7eac1876ff1f7d85b9c3a55068e0c5d157eeb682e63b022c
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/index.b726006f.js HTTP/1.1
Host: uu.dumtblqa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/?tt=1667937442
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 08 Nov 2022 19:53:57 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 02:45:28 GMT
vary: Accept-Encoding
etag: W/"63632b48-1bb61"
expires: Wed, 09 Nov 2022 04:34:15 GMT
cache-control: max-age=43200
content-encoding: gzip
via: f09-13u
cdn-cache: HIT
X-Firefox-Spdy: h2
uu.dumtblqa.life/static/js/pages-detail-art~pages-detail-vod~pages-index-index~pages-play-play~pages-search-search~pages-type-a~3bdb0e93.8f674fad.js
202.79.173.114200 OK 19 kB URL HTTP/2 uu.dumtblqa.life/static/js/pages-detail-art~pages-detail-vod~pages-index-index~pages-play-play~pages-search-search~pages-type-a~3bdb0e93.8f674fad.js
IP 202.79.173.114:0
ASN #64050 BGPNET Global ASN
Hash 033bf589b796d71e11e63ecf499476b2
095354dbedf8d7cb68160d62a557a98c3a58adb3
4d10c7b075a580035892af78367007f6066fdf4d96d29d7879b7b0860182f91a
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/pages-detail-art~pages-detail-vod~pages-index-index~pages-play-play~pages-search-search~pages-type-a~3bdb0e93.8f674fad.js HTTP/1.1
Host: uu.dumtblqa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/?tt=1667937442
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 08 Nov 2022 19:53:58 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 02:45:28 GMT
vary: Accept-Encoding
etag: W/"63632b48-d9e2"
expires: Wed, 09 Nov 2022 04:34:27 GMT
cache-control: max-age=43200
content-encoding: gzip
via: f09-13u
cdn-cache: HIT
X-Firefox-Spdy: h2
uu.dumtblqa.life/static/loading.svg
202.79.173.114200 OK 1.8 kB URL HTTP/2 uu.dumtblqa.life/static/loading.svg
IP 202.79.173.114:0
ASN #64050 BGPNET Global ASN
File type exported SGML document, ASCII text
Hash 91762b2af9bdefdd58f5a5b6e7387361
0a511968514d38a4702c5585ead7c01d4f20def0
d887368f18aa4483d5a267a86d1ff5d26a09048bb1c93c0ac9d374e438014342
Analyzer Verdict Alert quad9 Sinkholed
GET /static/loading.svg HTTP/1.1
Host: uu.dumtblqa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/?tt=1667937442
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 08 Nov 2022 19:53:59 GMT
content-type: image/svg+xml
content-length: 1784
last-modified: Thu, 03 Nov 2022 02:45:28 GMT
etag: "63632b48-6f8"
via: f09-13u
cdn-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 82cc5d00dfb78ac41f3bc8e42b2d9226
3f34d76c05af49908f959d305d762151d176cbc1
15f1e309932ce12f90e2f9b9827731fda1da8455b3c534bca366d8a2229a5837
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 19:53:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 12 Nov 2022 18:34:50 GMT
ETag: "3f34d76c05af49908f959d305d762151d176cbc1"
Last-Modified: Tue, 08 Nov 2022 18:34:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1444
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7670dba28c36b4ee-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b4c45a4f70996e129769843b3c94d9ce
519aad1da402e7b2fc78e6d1d7cf74bf3cbc4cf7
d006bcd0214deae28db97b6ce621f799d66f9f9fbdcf2f932161fdfd33a9865d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D006BCD0214DEAE28DB97B6CE621F799D66F9F9FBDCF2F932161FDFD33A9865D"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15985
Expires: Wed, 09 Nov 2022 00:20:24 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0623dcad2a8dc780121da6fb610098f8
5d59171030652cb819536f5b72cc169a94fc8bc8
ce646eab05168a6f9fd97f1ad7b26a7ce45cfb1681a39cadb1ebd43e886d6b96
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE646EAB05168A6F9FD97F1AD7B26A7CE45CFB1681A39CADB1EBD43E886D6B96"
Last-Modified: Sun, 06 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9414
Expires: Tue, 08 Nov 2022 22:30:53 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0623dcad2a8dc780121da6fb610098f8
5d59171030652cb819536f5b72cc169a94fc8bc8
ce646eab05168a6f9fd97f1ad7b26a7ce45cfb1681a39cadb1ebd43e886d6b96
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE646EAB05168A6F9FD97F1AD7B26A7CE45CFB1681A39CADB1EBD43E886D6B96"
Last-Modified: Sun, 06 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16222
Expires: Wed, 09 Nov 2022 00:24:21 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96c4aefb52c46589346139c3f9fa0d74
6a1417a7254398ff9daa20a2483e709529e6acd4
b929885605b9355a050b35958ebf4f11a851f7d8c597af03073a7a5f6d745594
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B929885605B9355A050B35958EBF4F11A851F7D8C597AF03073A7A5F6D745594"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5163
Expires: Tue, 08 Nov 2022 21:20:02 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8a0d35517c31678b6ef8fe963d6541d
7c571d0303552355f5e9515ce68bebb75c2b80bf
b8964520e63884f96ffc398aaa06199716720aa4bb4ee00e186dcb21b89a3247
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8964520E63884F96FFC398AAA06199716720AA4BB4EE00E186DCB21B89A3247"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16264
Expires: Wed, 09 Nov 2022 00:25:03 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7cf1eba73ec7d06166bebae9956f6179
cb4ab330221542775c556db79925f9f0ca386f6f
b66a7b4e16dee55e86bcdc4c9e1976866d8295647ce4a6803a7ef1490506d93f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B66A7B4E16DEE55E86BCDC4C9E1976866D8295647CE4A6803A7EF1490506D93F"
Last-Modified: Mon, 07 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16633
Expires: Wed, 09 Nov 2022 00:31:12 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e1cf9e7a154c80c259c05fcbd4da8ecf
56f719e6044ac4c74d056ec2e94578e51bba8e8c
7dfcd7686f998f56d05ff7e087a005d6a7d30fcb2629e4c5c310ba65d4704ed3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7DFCD7686F998F56D05FF7E087A005D6A7D30FCB2629E4C5C310BA65D4704ED3"
Last-Modified: Sun, 06 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17606
Expires: Wed, 09 Nov 2022 00:47:25 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ab1b80384be58c379ebc706972c8c6d9
8d565e8fa2e42c526557ea88c8cfcc20b1908a49
d01c9ea6388628f30f7f38137495ec8fc14dd6264a10071e16da4ce90b924b50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D01C9EA6388628F30F7F38137495EC8FC14DD6264A10071E16DA4CE90B924B50"
Last-Modified: Mon, 07 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14052
Expires: Tue, 08 Nov 2022 23:48:11 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5738c2ebd6e3206046e7b5eb73f2de8b
0a75082622baaef7f8fc83b37c7438c000d2ec78
26bd35d60787e0c95db7b49b0df7769c724e7999be9d09fb68097aed5e8ca379
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26BD35D60787E0C95DB7B49B0DF7769C724E7999BE9D09FB68097AED5E8CA379"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16547
Expires: Wed, 09 Nov 2022 00:29:46 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5738c2ebd6e3206046e7b5eb73f2de8b
0a75082622baaef7f8fc83b37c7438c000d2ec78
26bd35d60787e0c95db7b49b0df7769c724e7999be9d09fb68097aed5e8ca379
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26BD35D60787E0C95DB7B49B0DF7769C724E7999BE9D09FB68097AED5E8CA379"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16547
Expires: Wed, 09 Nov 2022 00:29:46 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
gg5.ui9hhx8n.world/1667937440.html
202.79.173.114200 OK 667 B URL HTTP/2 gg5.ui9hhx8n.world/1667937440.html
IP 202.79.173.114:0
ASN #64050 BGPNET Global ASN
Hash 7bf397de6cfa4cf7d1897662cfdd4525
9a79ca88f7f328e8915983e2864f62c2e8b9ef5d
62b4d786041ea5fa7b6d4877682db577b033477cc7f9d6702f1bf71c3bc6a7ae
GET /1667937440.html HTTP/1.1
Host: gg5.ui9hhx8n.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.www-soundtaxi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 08 Nov 2022 19:53:55 GMT
content-type: text/html
last-modified: Sat, 18 Dec 2021 07:18:36 GMT
vary: Accept-Encoding
etag: W/"61bd8b4c-427"
strict-transport-security: max-age=31536000
content-encoding: gzip
via: f09-13u
cdn-cache: MISS
X-Firefox-Spdy: h2
kveww.com/99462c01e85acc1311bebac224df6cce.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kveww.com/99462c01e85acc1311bebac224df6cce.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kveww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 08 Nov 2022 19:53:59 GMT
content-type: text/html
content-length: 162
location: https://kvkjjj.top/99462c01e85acc1311bebac224df6cce.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kvevv.com/47fc3dfa6dab926d04bc8c0e76b89995.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /47fc3dfa6dab926d04bc8c0e76b89995.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 08 Nov 2022 19:53:59 GMT
content-type: text/html
content-length: 162
location: https://kvhyyy.top/47fc3dfa6dab926d04bc8c0e76b89995.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kvevv.com/4bf88adf466b90cef3686374a27fc0e2.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /4bf88adf466b90cef3686374a27fc0e2.gif HTTP/1.1
Host: kvevv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 08 Nov 2022 19:53:59 GMT
content-type: text/html
content-length: 162
location: https://kvhyyy.top/4bf88adf466b90cef3686374a27fc0e2.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif
67.198.205.125301 Moved Permanently 162 B URL HTTP/2 kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif
IP 67.198.205.125:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /e74b75b58cdf79b04bfb0592f5a858dc.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 08 Nov 2022 19:53:59 GMT
content-type: text/html
content-length: 162
location: https://kvheee.top/e74b75b58cdf79b04bfb0592f5a858dc.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvexx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 08 Nov 2022 19:53:59 GMT
content-type: text/html
content-length: 162
location: https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 08 Nov 2022 19:53:59 GMT
content-type: text/html
content-length: 162
location: https://acoossn.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
64.32.13.142301 Moved Permanently 162 B URL HTTP/2 kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 64.32.13.142:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kzeii.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 08 Nov 2022 19:53:59 GMT
content-type: text/html
content-length: 162
location: https://kvhfff.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kvemm.com/712c8059cb44f5944e47108c6b8dd5bd.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /712c8059cb44f5944e47108c6b8dd5bd.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 08 Nov 2022 19:53:59 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/712c8059cb44f5944e47108c6b8dd5bd.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
104.143.94.110301 Moved Permanently 162 B URL HTTP/2 kvemm.com/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 104.143.94.110:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvemm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 08 Nov 2022 19:53:59 GMT
content-type: text/html
content-length: 162
location: https://kvtddd.top/ca302b14c051bf41d75347daaf6e7ab3.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 90d730483b4f7ab9cc1623eea321d503
f5f7238ce09d5dceb089127fdf30e89c1a377841
8edb5a8f4f051efaa1aa4453183a052b30922a5e449ac8dbc679e63f11d3f715
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EDB5A8F4F051EFAA1AA4453183A052B30922A5E449AC8DBC679E63F11D3F715"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16593
Expires: Wed, 09 Nov 2022 00:30:32 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2c7f04332b5cf25ea137cd6ff3b2864
da5af01ceb4469f34453e738e07a76cd41b7881d
791c173d24602eb2ecbe1e2e576699f0ca7423032e9138ac97fe794cfcea61d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "791C173D24602EB2ECBE1E2E576699F0CA7423032E9138AC97FE794CFCEA61D6"
Last-Modified: Mon, 07 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19136
Expires: Wed, 09 Nov 2022 01:12:55 GMT
Date: Tue, 08 Nov 2022 19:53:59 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71d82e0869121e2e3cd8d4e888e6bb3c
40e8663bb49c3d3c1bc6fae6728da4d08410e2b3
6c526b7c6195da3a18a62f1d546f1562d60746bdc835aa33c23e47b8307ee37d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6C526B7C6195DA3A18A62F1D546F1562D60746BDC835AA33C23E47B8307EE37D"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=678
Expires: Tue, 08 Nov 2022 20:05:18 GMT
Date: Tue, 08 Nov 2022 19:54:00 GMT
Connection: keep-alive
acoossn.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
172.67.213.234200 OK 400 kB URL HTTP/2 acoossn.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP 172.67.213.234:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 400 kB (400264 bytes)
Hash b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: acoossn.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uu.dumtblqa.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 19:54:00 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Tue, 29 Nov 2022 09:18:05 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 815755
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvRIiTANSej0oyJSr2NaEQIQ%2B26BlQAAKSH51I4S0E9D1ragBGoaZgTzvwVBYiqiFHBpIgIhYijM8VqXRj5VdOqh%2FGifd1W6wzmXPtHwAunnJd%2BOcKAHK4mqJG1czQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7670dba61f84b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
45.154.215.92301 Moved Permanently 162 B URL HTTP/2 kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 45.154.215.92:0
ASN #201106 Spartan Host Ltd
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kzerr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 08 Nov 2022 19:53:59 GMT
content-type: text/html
content-length: 162
location: https://kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhfff.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
172.67.136.55200 OK 566 kB URL HTTP/2 kvhfff.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
IP 172.67.136.55:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 566 kB (565615 bytes)
Hash 6a2c609ad0c46bb1b8d9cd39eacde625
45de0f50f86b45dd6fd4a1c764d47e2640126bf3
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
GET /8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP/1.1
Host: kvhfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uu.dumtblqa.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 19:54:00 GMT
content-type: image/gif
content-length: 565615
last-modified: Mon, 10 Oct 2022 13:11:33 GMT
etag: "63441a05-8a16f"
expires: Wed, 09 Nov 2022 15:02:10 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2523110
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxqdHw9130zwEWmAJHOUTWN5TTuECHG2I73I03Ug24dyMMNAmP1L%2FVQR79jYea26r1bMEmelUDh31%2FFU3B8aLT5rjXO%2B37V%2B7MOt6Eb%2BO%2BwG0O2p5Z%2B97zDiuCf%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7670dba62cc2b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
104.21.94.20200 OK 864 kB URL HTTP/2 kvhaaa.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
IP 104.21.94.20:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 864 kB (864004 bytes)
Hash d2c820747a9b9b8c3abaab0775436ab7
99651afd10bd3874fb84d7973845482cd2c81f23
8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1
Host: kvhaaa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uu.dumtblqa.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 19:54:00 GMT
content-type: image/gif
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Thu, 08 Dec 2022 00:53:51 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 68409
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUnuniUCeNbByK8OrE3UVU0duXVTXfWy41w1qrrCu9RPZx2jSdfuOF0CF94%2FnaianiVMq1u6HZqfdqE%2FNQF%2FiGWOM3%2FYpcvDlg2AF9D0rsQu%2Fy7%2BXKXhcG9pdDQb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7670dba629cb0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 308ee397a0741d0ea71c579c6c35eaa3
3cd0b81dd63da35808dfac9803a025f17b976eff
b2dc951027c96ab061fd2be551f8f1fbe1efb9de3c6a84f07f74bfe32dc03089
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B2DC951027C96AB061FD2BE551F8F1FBE1EFB9DE3C6A84F07F74BFE32DC03089"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1354
Expires: Tue, 08 Nov 2022 20:16:34 GMT
Date: Tue, 08 Nov 2022 19:54:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71c6ac8540b99f5890659957f2388bc0
239c4708a899bf446cc79a1adb202be8b252f242
4643e993f6bf94047c9b0008b9ac2f9466e82f4ec723b7bfe15658468a62e5b1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4643E993F6BF94047C9B0008B9AC2F9466E82F4EC723B7BFE15658468A62E5B1"
Last-Modified: Sun, 06 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21521
Expires: Wed, 09 Nov 2022 01:52:41 GMT
Date: Tue, 08 Nov 2022 19:54:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71d82e0869121e2e3cd8d4e888e6bb3c
40e8663bb49c3d3c1bc6fae6728da4d08410e2b3
6c526b7c6195da3a18a62f1d546f1562d60746bdc835aa33c23e47b8307ee37d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6C526B7C6195DA3A18A62F1D546F1562D60746BDC835AA33C23E47B8307EE37D"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=678
Expires: Tue, 08 Nov 2022 20:05:18 GMT
Date: Tue, 08 Nov 2022 19:54:00 GMT
Connection: keep-alive
kvkjjj.top/99462c01e85acc1311bebac224df6cce.gif
172.67.178.145200 OK 845 kB URL HTTP/2 kvkjjj.top/99462c01e85acc1311bebac224df6cce.gif
IP 172.67.178.145:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 845 kB (845326 bytes)
Hash c3e13dfb200737af2e68b42c07f28465
4d8262aecd8d789494afca5d63b5dd50600870dc
3e962d14b678808967d50df163581b65c6052144cb6239d72da58cceb7bf04ac
GET /99462c01e85acc1311bebac224df6cce.gif HTTP/1.1
Host: kvkjjj.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uu.dumtblqa.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 19:54:00 GMT
content-type: image/gif
content-length: 845326
last-modified: Mon, 15 Aug 2022 06:10:27 GMT
etag: "62f9e353-ce60e"
expires: Mon, 28 Nov 2022 11:54:49 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 892751
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwnhkEwRArDffkzHWZ6MwZLL4hhoZZiAAwHaC3zSaWl%2FuFoMcO2stGVlBDJYgchlrFw%2BQ0n%2F57wZd%2B35dWuY0HwwiVrujxyua6WWV2R77rl1fNJ2gPiJpVhk%2B7j9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7670dba74adf1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b3416bb1cbb79476bc477612040726ad
9c681cc944523f71fcc714461e3a903134bb5a44
41bc766bb4ab439becc8e3050d2cc30ef430cd35741b89f175852f7fd58d6809
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "41BC766BB4AB439BECC8E3050D2CC30EF430CD35741B89F175852F7FD58D6809"
Last-Modified: Sun, 06 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16259
Expires: Wed, 09 Nov 2022 00:24:59 GMT
Date: Tue, 08 Nov 2022 19:54:00 GMT
Connection: keep-alive
kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
104.21.28.152200 OK 919 kB URL HTTP/2 kvkccc.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
IP 104.21.28.152:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 919 kB (918679 bytes)
Hash 956582dd3aa22ca9b19bdd1d5e091e24
c2d80e05f59981f6ed58a8231f502bd990894d6b
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
GET /6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP/1.1
Host: kvkccc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uu.dumtblqa.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 19:54:00 GMT
content-type: image/gif
content-length: 918679
last-modified: Sat, 02 Jul 2022 13:09:08 GMT
etag: "62c04374-e0497"
expires: Tue, 29 Nov 2022 15:27:11 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 793609
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c37pCc2g3o9cjwxkGyRW6WxCl13MHcrM9jxevTmlXuYVOsuAxFdsOCB9%2FBWz8ubrbeWnllqaTQ3iMj99U6niagtbWSdbI7SJoIiK1UWtBGz%2BhVJK4IMW6wYW0h44"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7670dba7d9f0b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvheee.top/e74b75b58cdf79b04bfb0592f5a858dc.gif
104.21.234.199200 OK 185 kB URL HTTP/2 kvheee.top/e74b75b58cdf79b04bfb0592f5a858dc.gif
IP 104.21.234.199:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 185 kB (184926 bytes)
Hash 214553bbbe765499c15ec4271f4bbd23
8fa439d96daee17a9c0b86546dba5cb8fa25b076
34924659831f47a88bb09ee743e6e993c7b98c6038e0d6f9ba93123ba0a92a50
GET /e74b75b58cdf79b04bfb0592f5a858dc.gif HTTP/1.1
Host: kvheee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uu.dumtblqa.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 19:54:00 GMT
content-type: image/gif
content-length: 184926
last-modified: Wed, 25 May 2022 14:01:09 GMT
etag: "628e36a5-2d25e"
expires: Fri, 02 Dec 2022 16:16:46 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 531434
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e224y%2FO7qG9jYZNErnxbquRZ%2F6W9HJAFkzOevMYVGZrYQwquIGWmrxtj140GCnZp2E%2FC9nFqemJzhFkrrQUPXCqOtZdW%2B0WoJHGY49%2FTUhInfo2Am70J1k2sseJo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7670dba769e2b7e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3954ff839632665ff02ae653e50ef936
8db59ffab70ca3eafa65637ef50041d20bd554b7
3468c68c057896f852cdeb906020ae66681c2095f444991a6066a3def80d1fef
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3468C68C057896F852CDEB906020AE66681C2095F444991A6066A3DEF80D1FEF"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Wed, 09 Nov 2022 01:53:49 GMT
Date: Tue, 08 Nov 2022 19:54:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71c6ac8540b99f5890659957f2388bc0
239c4708a899bf446cc79a1adb202be8b252f242
4643e993f6bf94047c9b0008b9ac2f9466e82f4ec723b7bfe15658468a62e5b1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4643E993F6BF94047C9B0008B9AC2F9466E82F4EC723B7BFE15658468A62E5B1"
Last-Modified: Sun, 06 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21521
Expires: Wed, 09 Nov 2022 01:52:41 GMT
Date: Tue, 08 Nov 2022 19:54:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b3416bb1cbb79476bc477612040726ad
9c681cc944523f71fcc714461e3a903134bb5a44
41bc766bb4ab439becc8e3050d2cc30ef430cd35741b89f175852f7fd58d6809
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "41BC766BB4AB439BECC8E3050D2CC30EF430CD35741B89F175852F7FD58D6809"
Last-Modified: Sun, 06 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16259
Expires: Wed, 09 Nov 2022 00:24:59 GMT
Date: Tue, 08 Nov 2022 19:54:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 6164f67411fa2b5837355afd30a66adc
39c9f913d2bb8184f5f36b48d7944bb2da96346c
4c515c75fccbc822d6d1982d1a36bcf61b77c0025db6d051fe792836d345206b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=87189
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 19:54:00 GMT
Etag: "6369656d-118"
Expires: Wed, 09 Nov 2022 20:07:09 GMT
Last-Modified: Mon, 07 Nov 2022 20:07:09 GMT
Server: nginx
Content-Length: 280
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 308ee397a0741d0ea71c579c6c35eaa3
3cd0b81dd63da35808dfac9803a025f17b976eff
b2dc951027c96ab061fd2be551f8f1fbe1efb9de3c6a84f07f74bfe32dc03089
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B2DC951027C96AB061FD2BE551F8F1FBE1EFB9DE3C6A84F07F74BFE32DC03089"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1354
Expires: Tue, 08 Nov 2022 20:16:34 GMT
Date: Tue, 08 Nov 2022 19:54:00 GMT
Connection: keep-alive
uu.dumtblqa.life/static/js/chunk-vendors.cbebd8a9.js
202.79.173.114200 OK 273 kB URL HTTP/2 uu.dumtblqa.life/static/js/chunk-vendors.cbebd8a9.js
IP 202.79.173.114:0
ASN #64050 BGPNET Global ASN
File type Unicode text, UTF-8 text, with very long lines (65103), with no line terminators
Size 273 kB (272555 bytes)
Hash 154b6e42a46ba0f88cade9c8d9f35be2
6b413b60486f7c2be362c642b49b85e3eeb11fe4
983f22969a0a331315433dd1a59a40b04fce83e575781855debb0536725b1763
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/chunk-vendors.cbebd8a9.js HTTP/1.1
Host: uu.dumtblqa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/?tt=1667937442
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 08 Nov 2022 19:53:57 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 02:45:28 GMT
vary: Accept-Encoding
etag: W/"63632b48-b4f96"
expires: Wed, 09 Nov 2022 04:34:31 GMT
cache-control: max-age=43200
content-encoding: gzip
via: f09-13u
cdn-cache: HIT
X-Firefox-Spdy: h2
kvtddd.top/ca302b14c051bf41d75347daaf6e7ab3.gif
104.21.235.62200 OK 199 kB URL HTTP/2 kvtddd.top/ca302b14c051bf41d75347daaf6e7ab3.gif
IP 104.21.235.62:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 199 kB (198998 bytes)
Hash 9055b16bfddceb4d71a64601d99cc1fe
08f43efa14ead275ed58613dfe4715982679fe30
9f39213220495f96b8fbef7974ce8cef0eeaffeb6416328de8f7469254aab886
GET /ca302b14c051bf41d75347daaf6e7ab3.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uu.dumtblqa.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 19:54:00 GMT
content-type: image/gif
content-length: 198998
last-modified: Sat, 16 Apr 2022 08:19:50 GMT
etag: "625a7c26-30956"
expires: Thu, 08 Dec 2022 19:54:00 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czlFKJBUZ3DapzJn0T0rbg3I3aZ2MRswFleV1pHiWquRNj9z3nqaP6QY6ZeJN66mwb1fdQL4HohJHlhO9psD0%2BILlJFjf7NuGEDjTSpeBNUQUxlYOPqNsTXVAxeK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7670dba88ed10a2c-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
taiwtp1.com/xin/200200.gif
220.128.218.220200 OK 66 kB URL HTTP/2 taiwtp1.com/xin/200200.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Hash f0ba60ad272f48fb7a6c94d0fff78f8c
5aa704f7f21da3ebcda26cc67adfb21a218e7c97
22ca789fd1bcfce63c63a1b380a9666fbb44d3c6003c110d1956995a27a3d108
GET /xin/200200.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 19:51:46 GMT
content-type: image/gif
content-length: 65592
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-10038"
expires: Thu, 08 Dec 2022 19:51:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
kvtddd.top/712c8059cb44f5944e47108c6b8dd5bd.gif
104.21.235.62200 OK 1.1 MB URL HTTP/2 kvtddd.top/712c8059cb44f5944e47108c6b8dd5bd.gif
IP 104.21.235.62:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 1.1 MB (1121344 bytes)
Hash 1fa329c2303bf5a0d2ffd8d484269fbc
c4a5918bcb480a578cee1cceb5aec7da15530fbc
bcb751146958967d4032f10a6f91bfc63759b7cbeee76e5428d3604cf1e4923e
GET /712c8059cb44f5944e47108c6b8dd5bd.gif HTTP/1.1
Host: kvtddd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uu.dumtblqa.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 19:54:00 GMT
content-type: image/gif
content-length: 1121344
last-modified: Sun, 26 Jun 2022 12:14:24 GMT
etag: "62b84da0-111c40"
expires: Thu, 08 Dec 2022 19:54:00 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Px%2Bd2roE8ZCNUEqfP%2FpJ7BhMkOpzOo8gSqxUJ%2BirOsnf7PDTS7%2FpNU1WtiYpf6QIWBiXTDXTsIlbhRBz7%2Fm8IP%2BgKxfStRZmtZ1i65OMigskqj2feg8AEv1cfPz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7670dba89eea0a2c-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3954ff839632665ff02ae653e50ef936
8db59ffab70ca3eafa65637ef50041d20bd554b7
3468c68c057896f852cdeb906020ae66681c2095f444991a6066a3def80d1fef
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3468C68C057896F852CDEB906020AE66681C2095F444991A6066A3DEF80D1FEF"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Wed, 09 Nov 2022 01:53:49 GMT
Date: Tue, 08 Nov 2022 19:54:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 6164f67411fa2b5837355afd30a66adc
39c9f913d2bb8184f5f36b48d7944bb2da96346c
4c515c75fccbc822d6d1982d1a36bcf61b77c0025db6d051fe792836d345206b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=87189
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 19:54:01 GMT
Etag: "6369656d-118"
Expires: Wed, 09 Nov 2022 20:07:10 GMT
Last-Modified: Mon, 07 Nov 2022 20:07:09 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1691033656&si=7e5e3dfa6de61bfd4b1abb18528745ab&su=https%3A%2F%2Fgg5.ui9hhx8n.world%2F&v=1.2.97&lv=1&sn=5953&r=0&ww=1140&ct=!!&u=https%3A%2F%2Fuu.dumtblqa.life%2F%3Ftt%3D1667937442%23%2F&tt=dxj
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1691033656&si=7e5e3dfa6de61bfd4b1abb18528745ab&su=https%3A%2F%2Fgg5.ui9hhx8n.world%2F&v=1.2.97&lv=1&sn=5953&r=0&ww=1140&ct=!!&u=https%3A%2F%2Fuu.dumtblqa.life%2F%3Ftt%3D1667937442%23%2F&tt=dxj
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=824&et=0&ja=0&ln=en-us&lo=0&rnd=1691033656&si=7e5e3dfa6de61bfd4b1abb18528745ab&su=https%3A%2F%2Fgg5.ui9hhx8n.world%2F&v=1.2.97&lv=1&sn=5953&r=0&ww=1140&ct=!!&u=https%3A%2F%2Fuu.dumtblqa.life%2F%3Ftt%3D1667937442%23%2F&tt=dxj HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 08 Nov 2022 19:54:00 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0632BBDB639779C8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
104.21.234.152200 OK 211 kB URL HTTP/2 kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
IP 104.21.234.152:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 211 kB (211127 bytes)
Hash 88d9d5281cc8399fc9a5a866857fea84
4abe7059410209993012e28e4716b51bf6cf7575
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
GET /0385a02384cf8bb1f4b429d18548cbd7.gif HTTP/1.1
Host: kvhuuu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uu.dumtblqa.life/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 19:54:00 GMT
content-type: image/gif
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
etag: "625fff8b-338b7"
expires: Sat, 12 Nov 2022 10:00:58 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2281982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3U%2FjzMi%2Fnl4Lxk3h2vdozQEgz890tKtvF2F6%2BByLpu82CwHcGU5laX9hYJX8pBE%2F2TQoLiEuN%2Fosk%2BqJkhxMh5t42JnkhVDvYEOlaWCwBE6g3nXflDx%2BVULqpOpL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7670dbaa2946fa2e-SJC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
link.imgapp.top/images/63368fc78360dffab4893ec1.gif
3.36.126.81302 Found 0 B URL HTTP/2 link.imgapp.top/images/63368fc78360dffab4893ec1.gif
IP 3.36.126.81:0
GET /images/63368fc78360dffab4893ec1.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_5910bef395dd49fab70d3ad8beb862980.jpg
cache-control: max-age=86400
X-Firefox-Spdy: h2
link.imgapp.top/images/62c535de9493f72e6cb8d63f.gif
3.36.126.81302 Found 0 B URL HTTP/2 link.imgapp.top/images/62c535de9493f72e6cb8d63f.gif
IP 3.36.126.81:0
GET /images/62c535de9493f72e6cb8d63f.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://tx2.a.yximgs.com/udata/music/music_b82869f9e43a465d9923fec52d716d420.jpg
cache-control: max-age=86400
X-Firefox-Spdy: h2
uu.dumtblqa.life/static/js/pages-index-index.c2312e26.js
202.79.173.114200 OK 0 B URL HTTP/2 uu.dumtblqa.life/static/js/pages-index-index.c2312e26.js
IP 202.79.173.114:0
ASN #64050 BGPNET Global ASN
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/pages-index-index.c2312e26.js HTTP/1.1
Host: uu.dumtblqa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/?tt=1667937442
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 08 Nov 2022 19:53:58 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 02:45:28 GMT
vary: Accept-Encoding
etag: W/"63632b48-13e4"
expires: Wed, 09 Nov 2022 04:34:27 GMT
cache-control: max-age=43200
content-encoding: gzip
via: f09-13u
cdn-cache: HIT
X-Firefox-Spdy: h2
uu.dumtblqa.life/h5/web.php/index/showType
202.79.173.114200 OK 0 B URL HTTP/2 uu.dumtblqa.life/h5/web.php/index/showType
IP 202.79.173.114:0
ASN #64050 BGPNET Global ASN
Analyzer Verdict Alert quad9 Sinkholed
GET /h5/web.php/index/showType HTTP/1.1
Host: uu.dumtblqa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://uu.dumtblqa.life/?tt=1667937442
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 08 Nov 2022 19:53:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: f09-13u
cdn-cache: EXPIRED
X-Firefox-Spdy: h2
uu.dumtblqa.life/h5/web.php/index/type
202.79.173.114200 OK 0 B URL HTTP/2 uu.dumtblqa.life/h5/web.php/index/type
IP 202.79.173.114:0
ASN #64050 BGPNET Global ASN
Analyzer Verdict Alert quad9 Sinkholed
GET /h5/web.php/index/type HTTP/1.1
Host: uu.dumtblqa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
Referer: https://uu.dumtblqa.life/?tt=1667937442
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 08 Nov 2022 19:53:58 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, DELETE
access-control-allow-headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
content-encoding: gzip
via: f09-13u
cdn-cache: EXPIRED
X-Firefox-Spdy: h2
link.imgapp.top/images/62e372d723e4f48ec9831c4e.png
3.36.126.81302 Found 0 B URL HTTP/2 link.imgapp.top/images/62e372d723e4f48ec9831c4e.png
IP 3.36.126.81:0
GET /images/62e372d723e4f48ec9831c4e.png HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://tx2.a.yximgs.com/udata/music/music_a89c0a603d0047d39f24ab7a774628f10.jpg
cache-control: max-age=86400
X-Firefox-Spdy: h2
link.imgapp.top/images/62d5242999f6fb3f851b2388.gif
3.36.126.81302 Found 0 B URL HTTP/2 link.imgapp.top/images/62d5242999f6fb3f851b2388.gif
IP 3.36.126.81:0
GET /images/62d5242999f6fb3f851b2388.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_d9d3f753af044a4680d3e538fb8d45190.jpg
cache-control: max-age=86400
X-Firefox-Spdy: h2
nba.tb2w8avl.club/common.php?val=daxiangjiao&t=0.44557503180366664?v=0005058022765239256
156.240.106.189200 OK 0 B URL HTTP/2 nba.tb2w8avl.club/common.php?val=daxiangjiao&t=0.44557503180366664?v=0005058022765239256
IP 156.240.106.189:0
ASN #140227 Hong Kong Communications International Co., Limited
GET /common.php?val=daxiangjiao&t=0.44557503180366664?v=0005058022765239256 HTTP/1.1
Host: nba.tb2w8avl.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.www-soundtaxi.com
Connection: keep-alive
Referer: http://www.www-soundtaxi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 19:57:20 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
link.imgapp.top/images/63368fc78360dffab4893ec2.gif
3.36.126.81302 Found 0 B URL HTTP/2 link.imgapp.top/images/63368fc78360dffab4893ec2.gif
IP 3.36.126.81:0
GET /images/63368fc78360dffab4893ec2.gif HTTP/1.1
Host: link.imgapp.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
location: https://ali2.a.yximgs.com/udata/music/music_cea858b6d34f46b0ab703030e4423f110.jpg
cache-control: max-age=86400
X-Firefox-Spdy: h2
uu.dumtblqa.life/static/index.2772579d.css
202.79.173.114200 OK 0 B URL HTTP/2 uu.dumtblqa.life/static/index.2772579d.css
IP 202.79.173.114:0
ASN #64050 BGPNET Global ASN
Analyzer Verdict Alert quad9 Sinkholed
GET /static/index.2772579d.css HTTP/1.1
Host: uu.dumtblqa.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uu.dumtblqa.life/?tt=1667937442
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 08 Nov 2022 19:53:57 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 02:45:28 GMT
vary: Accept-Encoding
etag: W/"63632b48-17031"
expires: Wed, 09 Nov 2022 04:34:25 GMT
cache-control: max-age=43200
content-encoding: gzip
via: f09-13u
cdn-cache: HIT
X-Firefox-Spdy: h2