r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17128
Expires: Tue, 28 Mar 2023 03:14:52 GMT
Date: Mon, 27 Mar 2023 22:29:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 911d74784325663a0d95b463b0e9ae9b
21e999229be584d8e42696bce71236ad5bcb9a25
f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12152
Expires: Tue, 28 Mar 2023 01:51:56 GMT
Date: Mon, 27 Mar 2023 22:29:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6746
Expires: Tue, 28 Mar 2023 00:21:50 GMT
Date: Mon, 27 Mar 2023 22:29:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 27 Mar 2023 22:27:59 GMT
content-type: application/json
age: 85
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QlArr5PUhzxmDpt9T0rWRNPZNAQvLn/IMByT8CK/9hqs/ysJo8SUbVNeeJT6uQid6KJcy6KmCl4=
x-amz-request-id: 97AFGQH6962GH04S
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 27 Mar 2023 22:01:48 GMT
age: 1656
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 22:29:24 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 27 Mar 2023 22:17:24 GMT
age: 720
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.kuvjaboost.ml/
139.144.121.219301 Moved Permanently 229 B IP 139.144.121.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1230a03c1254792fe357f76bf8e7224d
6a68c67e6a14d75e8f9c0a58fb5bacf8592c5277
fa3418142e78d7322516945be002a329bc1fe9635d15d687815939679a194a38
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET / HTTP/1.1
Host: www.kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 27 Mar 2023 22:29:24 GMT
Server: Apache
Location: http://kuvjaboost.ml/
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76a0aba3ddb470751c690f5a725159f2
8cb789e8e0dfa336270700ef1e607173f2aee6cd
e76de476654125a06994065d66e30c6fb6c354d0f67fd4e31a3f78679e2bfdcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E76DE476654125A06994065D66E30C6FB6C354D0F67FD4E31A3F78679E2BFDCB"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2897
Expires: Mon, 27 Mar 2023 23:17:41 GMT
Date: Mon, 27 Mar 2023 22:29:24 GMT
Connection: keep-alive
push.services.mozilla.com/
54.184.253.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.184.253.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AnP3kssaHn2hBnBV2P3OQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gi3z9R1Dhaoiw7RtyOTMYUx69NY=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 22:29:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
demo.smartpanelsmm.com/assets/images/logo-white.png
104.21.71.24200 OK 9.5 kB URL HTTP/2 demo.smartpanelsmm.com/assets/images/logo-white.png
IP 104.21.71.24:0
File type PNG image data, 400 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash afee1b4948cd3b045ee51481ff7217a8
ed8c4be7a0b6d1e16fd14e4f4f7deaf657a1c050
21c161fa52e0eaef09859e3b2509cac92fcf2f97f7bb59ecb9d20554794c0cfb
GET /assets/images/logo-white.png HTTP/1.1
Host: demo.smartpanelsmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 22:29:25 GMT
content-type: image/png
content-length: 9470
last-modified: Tue, 06 Aug 2019 16:03:51 GMT
etag: "24fe-58f74f875c7c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2343
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kr3AAIIRqi2ZQdP1WYKpNxc8BYoDDnuXpIhD6ak5wRQ%2F62Ir2s%2F79UFSmPsftoMX%2FbijWwAKraX4UTgXuAWgELc9SCiXooYHld65Acf0pzTSGUQd69lwjgV2gng7sJ%2FrUrfPJO1fFtYZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aeb12714ab1b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,400i,700&display=swap&subset=latin-ext
142.250.74.74200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i,700&display=swap&subset=latin-ext
IP 142.250.74.74:0
Hash 5cdb257848c18dda84f2aa2f45c82374
cb9cc4c0dd17550c0750cde38740148d463d6522
1f3c5756d55fd129d594f230f873de8d64c6b073aab9d2a873f1aa8762a30b5d
GET /css?family=Open+Sans:400,400i,700&display=swap&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 27 Mar 2023 22:29:25 GMT
date: Mon, 27 Mar 2023 22:29:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kuvjaboost.ml/
139.144.121.219200 OK 46 kB IP 139.144.121.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (540), with CRLF line terminators
Hash 0e176d74da00263a9bc952018ba76d90
f8ee349e974bace60a9d94cfe601a9dc0c335efa
a46e66a8f5df4291c52471ec308325f09e086a52cb4e6c37f4e36364721bc374
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET / HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:24 GMT
Server: Apache
Expires: Sat, 01 Jan 2000 00:00:01 GMT
Cache-Control: post-check=0, pre-check=0, max-age=0
Pragma: no-cache
Set-Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; expires=Tue, 28-Mar-2023 00:29:24 GMT; Max-Age=7200; path=/
general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432; expires=Tue, 28-Mar-2023 22:29:24 GMT; Max-Age=86400; path=/; HttpOnly
Last-Modified: Mon, 27 Mar 2023 22:29:24 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba50d379b2776214995c207b42c083a4
0f1b48c6d01ace326c49acf5bcac222f772e9f6a
6692886530b311f94ac3855df31c774feed6d5135dad4ac24921b6030fcbb8d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 22:29:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 96cdecb9778a09f65c6d23dff412fb67
c0364916c9d6a7eef2d01e5c9378e7d8acdb1faa
1a5b861d652f80c7ab9e4abb56eab3de9ccb5a019c2111888594aee405f1e45c
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 27 Mar 2023 22:29:25 GMT
date: Mon, 27 Mar 2023 22:29:25 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kuvjaboost.ml/themes/monoka/assets/css/swiper.css
139.144.121.219200 OK 23 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/css/swiper.css
IP 139.144.121.219:0
File type ASCII text, with very long lines (1468), with CRLF line terminators
Hash 158fe8ee4c54d955b9d94465e02e3f5e
556328f5df644743b18c0ce7ddf2ba6a1c52be91
d72edbe73263c19f648b42a61ed45cb085b3f6f22d2249151699d42641d092af
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/css/swiper.css HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:25 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 22874
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
kuvjaboost.ml/themes/monoka/assets/css/monoka.css
139.144.121.219200 OK 32 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/css/monoka.css
IP 139.144.121.219:0
File type ASCII text, with CRLF line terminators
Hash 7bea27ac75a707d1796e7611d7b49834
b7aed0295570e3267c7919105ee520c33d191a56
e998efd69c023df9f01cba93e8b4d5460482ff89a52b5291bfda606b961cc130
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/css/monoka.css HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:25 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 31551
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash eb2978f78249fa2030ff84708ab627b5
0003a93bc57234fba10c90bd0bd80c00d5a90884
b76d3066ba863b1aaf4f5f4fced0a48768bc34de818dc3494e89c045f41f5acf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 22:29:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kuvjaboost.ml/themes/monoka/assets/css/fontawesome-all.css
139.144.121.219200 OK 74 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/css/fontawesome-all.css
IP 139.144.121.219:0
File type ASCII text, with CRLF line terminators
Hash cfc6395fbf2fdd3f3f9b9288a82b0534
bbb1ec29a8a25febedf37a0c41d93f0b3f3c7132
fb2b8d6dcdb3b7378ce1f048404bdbc528635e46902aa1f05c60410fb7a5bdbd
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/css/fontawesome-all.css HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:25 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 74513
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
kuvjaboost.ml/assets/plugins/aos/dist/aos.css
139.144.121.219200 OK 26 kB URL HTTP/1.1 kuvjaboost.ml/assets/plugins/aos/dist/aos.css
IP 139.144.121.219:0
File type ASCII text, with very long lines (26053), with no line terminators
Hash 847da8fca8060ca1a70f976aab1210b9
0557d37454b67f42f2cb101e57e5070fb1193570
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /assets/plugins/aos/dist/aos.css HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:25 GMT
Server: Apache
Last-Modified: Sat, 07 Jul 2018 23:40:38 GMT
Accept-Ranges: bytes
Content-Length: 26053
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
kuvjaboost.ml/assets/js/vendors/jquery-3.2.1.min.js
139.144.121.219200 OK 87 kB URL HTTP/1.1 kuvjaboost.ml/assets/js/vendors/jquery-3.2.1.min.js
IP 139.144.121.219:0
File type ASCII text, with very long lines (32058), with CRLF line terminators
Hash 473957cfb255a781b42cb2af51d54a3b
67bdacbd077ee59f411109fd119ee9f58db15a5f
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /assets/js/vendors/jquery-3.2.1.min.js HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:25 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 86663
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18378
Expires: Tue, 28 Mar 2023 03:35:44 GMT
Date: Mon, 27 Mar 2023 22:29:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18378
Expires: Tue, 28 Mar 2023 03:35:44 GMT
Date: Mon, 27 Mar 2023 22:29:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18378
Expires: Tue, 28 Mar 2023 03:35:44 GMT
Date: Mon, 27 Mar 2023 22:29:26 GMT
Connection: keep-alive
kuvjaboost.ml/themes/monoka/assets/css/bootstrap.css
139.144.121.219200 OK 202 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/css/bootstrap.css
IP 139.144.121.219:0
File type ASCII text, with very long lines (570), with CRLF line terminators
Size 202 kB (202385 bytes)
Hash c496036354fa5512674ddd744e845edb
d58a818dcf83b8416c93efaf9eb4b29c05af700a
784c7b82fabeb84334a38914062cbff8cc65eab1c7f4d43d5334415877bd9978
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/css/bootstrap.css HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:25 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 202385
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 2356
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee9c83faa5fdb77ba988a41207800b0e
4ac4c600767de39c5134cb97f78fcb29a681ee18
9039f7232ada16ae6d8a447225a15ef949c705a6f9e7aa20b367d001cd88c94f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11894
x-amzn-requestid: 27689ac4-87c8-4c3b-bb2b-5577c82793c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdb7_EoHIAMFprQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220d19-0c2e035d4465b1d458a996c9;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:39:37 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: vGkA0y2G3zApNzW9bdZ4TyUWXMGjIXNHHQKrD2T8767oA7qBnqKDqQ==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:01:37 GMT
age: 1669
etag: "4ac4c600767de39c5134cb97f78fcb29a681ee18"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kuvjaboost.ml/assets/js/core.js
139.144.121.219200 OK 1.5 kB URL HTTP/1.1 kuvjaboost.ml/assets/js/core.js
IP 139.144.121.219:0
File type ASCII text, with CRLF line terminators
Hash 076f801d5c65652c945227cf7621d93b
6d3f5817c18746e1043a8b0273405110759e67ef
1208f01c08a6cce2be3dad04dd182921c8d36b640590ad3f4646f593722fcb2d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /assets/js/core.js HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 1517
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1da68df9d96e2758e37b9f15daab027b
5ff19ed6dc5752aa4b15fb88da972b736fd55783
ad924425946dbdf309c764e7097e676185516301feb7722b30d95ffd50b4353f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 85a30298-4613-4a96-bdba-0899fe9f9475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdcsgGZsoAMFQkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220e4f-10db431e7632048d7b15e0ec;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:44:47 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: VYUarzUegSCD6A4s7tUQ-0O1mjal3BAW7SiiXSpOnFEDd5-HHoA5Cw==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:55:21 GMT
age: 2045
etag: "5ff19ed6dc5752aa4b15fb88da972b736fd55783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178b294b-fb7e-4482-a48e-31bbcc320554.png
34.120.237.76200 OK 20 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178b294b-fb7e-4482-a48e-31bbcc320554.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e093e7b5c12cfc2aee601f823ea47e
d76b3958471b2ed70a2b52f078ec638748fdb441
de4fc669195611c4ea6fe7d920482987aef077973b4973c01e2f362aeb18c2ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178b294b-fb7e-4482-a48e-31bbcc320554.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 20349
x-amzn-requestid: 2de7d242-f277-42a6-9dc4-2fc98207a978
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbumFzOIAMF3hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cc3-5f20ad7b2216219138f7b557;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:38:11 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pnby7LhwZDWxJHtyWBlI7l_AO8l-tjjTVHatiCKG2htZ4RQNQOZkgQ==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:48:21 GMT
age: 2465
etag: "d76b3958471b2ed70a2b52f078ec638748fdb441"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fbdd640-8a87-474c-a4d5-f25e31609f46.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fbdd640-8a87-474c-a4d5-f25e31609f46.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d389dd69e54e5d7b547a425f9b22ebf
604a65cfc5572c5da9d3fdea795be3942b8d14cb
5beda50c5f20633003e1f939673a6005eca314372e7f8fe0a1d4bb5702ae1712
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fbdd640-8a87-474c-a4d5-f25e31609f46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9501
x-amzn-requestid: 4c3f56b8-4d4f-4c4d-bd7c-faa15f6cec41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbskGe9IAMFrkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cb6-41acd1d8310ca659548a3039;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:58 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: _Mg3EgvJrS5IsmBULM6xZJra0-VkJEEtYlO-RfcE-4eHlghhqU8vdg==
via: 1.1 17d76c2aee343249585a570f2d36d2ee.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:06:36 GMT
age: 1370
etag: "604a65cfc5572c5da9d3fdea795be3942b8d14cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b52cdb6-fba9-4cd0-86e0-0d86c6c552fe.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b52cdb6-fba9-4cd0-86e0-0d86c6c552fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4dd00d7589433a33096cb824062c9b58
818ffa87758531c2951e5aa7f8a38bb42422027e
a4e60c0761223cabbe504ed42301b31562603b4aa3fd57449b06668cb74f5645
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b52cdb6-fba9-4cd0-86e0-0d86c6c552fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5753
x-amzn-requestid: 50e6db48-a3db-4370-be33-fe0167564b9d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbofEWhoAMFQkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-3245359e633022301b959458;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: zu3XEBObpyM8hpYDfqk8-CexBVYxyiJofRNJp1jSd4zBJwbGjFtyIQ==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:48:31 GMT
age: 2455
etag: "818ffa87758531c2951e5aa7f8a38bb42422027e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kuvjaboost.ml/assets/js/vendors/jquery.sparkline.min.js
139.144.121.219200 OK 43 kB URL HTTP/1.1 kuvjaboost.ml/assets/js/vendors/jquery.sparkline.min.js
IP 139.144.121.219:0
File type ASCII text, with very long lines (32191), with CRLF line terminators
Hash 2c92aaf0ebc482cfa7a71d13b9a54626
3e30631742a224329f32705618eeface989c371b
f94661588ec3d97d1d008b490bbb41c7df8bc3ddbd5585846fe15060c0fb6d7d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /assets/js/vendors/jquery.sparkline.min.js HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:25 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 43150
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 22:29:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 22:29:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 22:29:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kuvjaboost.ml/themes/monoka/assets/js/monoka.js
139.144.121.219200 OK 2.4 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/js/monoka.js
IP 139.144.121.219:0
File type ASCII text, with CRLF line terminators
Hash 19d09732b602a7606e9f7f48b1fa87ac
7d76fb9bf8a26f0dcca508bf854408fe850f0565
ae96a5ca07e862076dc3c3cbf26cc4ed39715729723d825c1e4bf57997d05070
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/js/monoka.js HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 2385
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kuvjaboost.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:42 GMT
expires: Sat, 23 Mar 2024 10:26:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 302564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
216.58.207.227200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Hash 3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kuvjaboost.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:41 GMT
expires: Sat, 23 Mar 2024 10:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
age: 302565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 22:29:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kuvjaboost.ml/assets/plugins/aos/dist/aos.js
139.144.121.219200 OK 14 kB URL HTTP/1.1 kuvjaboost.ml/assets/plugins/aos/dist/aos.js
IP 139.144.121.219:0
File type ASCII text, with very long lines (14243), with no line terminators
Hash a01f9089e8301e9eacfb9d029dc0ca5c
165152546121aaaf96c19418908cffe3630a2336
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /assets/plugins/aos/dist/aos.js HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Sat, 07 Jul 2018 23:40:38 GMT
Accept-Ranges: bytes
Content-Length: 14243
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
kuvjaboost.ml/assets/js/process.js
139.144.121.219200 OK 6.1 kB URL HTTP/1.1 kuvjaboost.ml/assets/js/process.js
IP 139.144.121.219:0
File type ASCII text, with CRLF line terminators
Hash 0d93aa86f1c61e90bd17d42e19abbc5e
bfd81714fd54d29d0042be8091cf2d22106a578c
601f3dab2d29fc9a45a89c734bf38c41983b31854ac75cd0492f62f34f8e162c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /assets/js/process.js HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 6094
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
kuvjaboost.ml/assets/js/general.js
139.144.121.219200 OK 46 kB URL HTTP/1.1 kuvjaboost.ml/assets/js/general.js
IP 139.144.121.219:0
File type ASCII text, with CRLF line terminators
Hash 390767d3d7be8bb168850f6df0e95eab
0b20a199f1f638833cf32444412dfdb4da0aac72
802db3891ef74ca3c91ac0a3f43952689ae10ffb529cbcab75f3861c9982ae9b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /assets/js/general.js HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 46100
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
kuvjaboost.ml/themes/monoka/assets/images/fb.png
139.144.121.219200 OK 3.4 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/fb.png
IP 139.144.121.219:0
File type PNG image data, 116 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c2baf018b153fe69625721ad3527e65
6c3642dc529325940d3593506ed70da608201140
ba419a77aee09b1217038fbcf88c93179f6a91c7cd76380e11422824d416ff36
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/fb.png HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 3366
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
kuvjaboost.ml/themes/monoka/assets/js/swiper.min.js
139.144.121.219200 OK 126 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/js/swiper.min.js
IP 139.144.121.219:0
File type ASCII text, with very long lines (65259), with CRLF line terminators
Size 126 kB (125630 bytes)
Hash d7710cf2451508d902a4d158cf049858
0b875ea1b34ca675dde6846a57c45de56d78d9fc
9ac6de41541a4e6dbde576f8f531f8144c85657d037286b319a865d1ec6b65e8
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/js/swiper.min.js HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 125630
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
kuvjaboost.ml/themes/monoka/assets/webfonts/fa-regular-400.woff2
139.144.121.219200 OK 14 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/webfonts/fa-regular-400.woff2
IP 139.144.121.219:0
File type Web Open Font Format (Version 2), TrueType, length 13596, version 330.15794\012- data
Hash bd52a727b5449dc3f8195b72c9c58341
9cd2abb4e9dce5fb3f54182ed06216c82ce76019
d04d1dc6d82e0f31815b0b045bf396bc479b9d1669e66d872f632cc852732120
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kuvjaboost.ml/themes/monoka/assets/css/fontawesome-all.css
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:59 GMT
Accept-Ranges: bytes
Content-Length: 13596
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
kuvjaboost.ml/themes/monoka/assets/images/ig.png
139.144.121.219200 OK 7.9 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/ig.png
IP 139.144.121.219:0
File type PNG image data, 116 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f9721bf1e1565bdfc8f236bfe805383
8371e1a2712480621d07a701cd79c833d4f62e10
f339c6d9713097f7d67338dc1816504030b14aa48e4ad41687a4ef7043dd830c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/ig.png HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 7902
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
kuvjaboost.ml/themes/monoka/assets/images/yt.png
139.144.121.219200 OK 4.5 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/yt.png
IP 139.144.121.219:0
File type PNG image data, 116 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash 64587e27fb668e5750a3127e44c89344
b7611506577331a9d6f7864750fe2837656ce491
1d0ffecdb7d5774def96ba9421acf6bb93de002e8f105a7188cfc36ad94f7b4c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/yt.png HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 4480
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
kuvjaboost.ml/themes/monoka/assets/images/in.png
139.144.121.219200 OK 3.9 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/in.png
IP 139.144.121.219:0
File type PNG image data, 116 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash a25786812ec1f2283711e0ea884f7df7
e5c68e064b643ffbacca696fde848c8e7ac761b4
b83d6889b56d935ca4ba2bb8645e85822670705a305ccdf691691518e0006488
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/in.png HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 3921
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
kuvjaboost.ml/themes/monoka/assets/images/tw.png
139.144.121.219200 OK 4.5 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/tw.png
IP 139.144.121.219:0
File type PNG image data, 116 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash 00c3b93859eb2a82f4cfcefa55fab366
67201865245a8f6350e4c7e2e7ba278166f584f5
4c4b904536751058f2f8a93fa75a6acb4dd355ba7e9def8a8022264e418784b2
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/tw.png HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 4487
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
kuvjaboost.ml/themes/monoka/assets/images/delivering.png
139.144.121.219200 OK 12 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/delivering.png
IP 139.144.121.219:0
File type PNG image data, 178 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash b7e01db1fd2c881c96a1b59c71c9b918
cd9c0842726aee8ead9f9310ef1b7453c591b254
a8d5e94b4b7ab1322af5c516f6d9415444ab3dc48b7aaa2789cb289b25bf2d08
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/delivering.png HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 12457
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
kuvjaboost.ml/themes/monoka/assets/images/prices.png
139.144.121.219 200 OK 9.9 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/prices.png
IP 139.144.121.219:0
File type PNG image data, 177 x 129, 8-bit/color RGBA, non-interlaced
- data
Hash ce293da52991c966235cc9808f5720f3
ab4d19c66c1e70ff159d61cfceed04f11b7cb372
dd853a422096fac89544ed670e88a6afaedc486cdb70e6ff8a8b30a58b4ad828
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/prices.png HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 9943
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
kuvjaboost.ml/themes/monoka/assets/images/presentation-2.png
139.144.121.219 200 OK 47 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/presentation-2.png
IP 139.144.121.219:0
File type PNG image data, 600 x 430, 8-bit/color RGBA, non-interlaced
- data
Hash 4f641635fccea60a49724e058a15add3
6749cecc9bc139abbb40b1e35c592d7ee74f128d
a268492151608a9a21b2c19c92f4f766bb8e90f43baf35c9cf6a8109a109654f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/presentation-2.png HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 47276
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
kuvjaboost.ml/themes/monoka/assets/images/sc.png
139.144.121.219 200 OK 6.1 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/sc.png
IP 139.144.121.219:0
File type PNG image data, 116 x 117, 8-bit/color RGBA, non-interlaced
- data
Hash f01f2b1c39e9e210f4ff860e9e1685d0
eacf3b402dc3a16ecd805ec4bef5013f02f58aa5
49316ff9376de7d72c081d820536ce3f341a765731e44ac4152d90bfdadc448c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/sc.png HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 6083
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
kuvjaboost.ml/themes/monoka/assets/images/support247.png
139.144.121.219 200 OK 13 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/support247.png
IP 139.144.121.219:0
File type PNG image data, 177 x 132, 8-bit/color RGBA, non-interlaced
- data
Hash 9a8bd7abd2b3df3aac78d34f9e7e7c82
30e1b3aadb361c41af4e668e09241111f3505f4b
1da54e7674f807280c9f6db342e7cf0c4e966b2df029689f92bc7f8b5146346b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/support247.png HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 13408
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
kuvjaboost.ml/themes/monoka/assets/images/testimonial-1.jpg
139.144.121.219 200 OK 6.9 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/testimonial-1.jpg
IP 139.144.121.219:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 128x128, components 3
- data
Hash e43140a0279d3c52802ec351188c5998
cf9c4c69764afe134a2e588b28c530b2da4052f7
ad6c7d48950922bb63f22161c4a4cef3924c2fe2e2bc4851c3e24bdd9c69c283
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/testimonial-1.jpg HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 6925
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
kuvjaboost.ml/themes/monoka/assets/images/testimonial-2.jpg
139.144.121.219 200 OK 5.1 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/testimonial-2.jpg
IP 139.144.121.219:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 128x128, components 1
- data
Hash 6dc0bd9d6711535437189f3ed8b765c6
b58868b40741ccc76310fef9833fd45efd7666bb
fff1ebe9b4900843110fa2ba88ae17a57ba80c7b317b712f421993da242f41d7
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/testimonial-2.jpg HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 5109
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
kuvjaboost.ml/themes/monoka/assets/images/testimonial-3.jpg
139.144.121.219 200 OK 5.1 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/testimonial-3.jpg
IP 139.144.121.219:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 128x128, components 3
- data
Hash 9aa68873f061101e87f65e77ec1a5e34
6d42cf54ead645ba692e9df9081665a33752b0be
e0db456f0b05cb12a63f68e4bb3c4280ed46b3c3d23924fc2613aa3965b972b0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/testimonial-3.jpg HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 5107
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js
142.250.74.67 200 OK 166 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js
IP 142.250.74.67:0
File type HTML document, ASCII text, with very long lines (597)
Size 166 kB (166058 bytes)
Hash 4043af37a3392a9db521ff9ab62d9608
83828688e7a2259ed2f77345851a16122383b422
ee076822f35390ee382cda71759a2eec8f4db2bc18e4e3acd586173c29dab321
GET /recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kuvjaboost.ml
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166058
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Mar 2023 11:09:56 GMT
expires: Tue, 26 Mar 2024 11:09:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 40771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kuvjaboost.ml/themes/monoka/assets/images/subscriber_bg.png
139.144.121.219 200 OK 184 kB URL HTTP/1.1 kuvjaboost.ml/themes/monoka/assets/images/subscriber_bg.png
IP 139.144.121.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3
- data
Size 184 kB (183765 bytes)
Hash 069923e839bc84a2afd4fcf448342658
46f6d7dcb0ebd573f9721c67588838373348ff21
19b9a1924b764df1ad7a1ceb63fa215f10f494df310d6418618ad93e36067ca7
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /themes/monoka/assets/images/subscriber_bg.png HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/themes/monoka/assets/css/monoka.css
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:26 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 183765
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
- data
Hash 15e37de1dba62187e1e5f012145813f3
cfe8cd953330252e15594f403e2f38ec56acdfd7
89bf7dbcf5a7fca006545f001b47de0ab6f94014de4bd4c519f6050e6daa5aa0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6542
x-amzn-requestid: 1106a670-cf68-4e3d-b5af-3013407acc5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbsjGAaoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cb6-726c7ba02ddb31182834d82d;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:58 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TTkQTse69m-F42cDPL9Ekonn48FG74B_3jFCpvBEa7au89m0_JE3og==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:06:45 GMT
age: 1367
etag: "cfe8cd953330252e15594f403e2f38ec56acdfd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kuvjaboost.ml/assets/js/vendors/bootstrap.bundle.min.js
139.144.121.219 200 OK 0 B URL HTTP/1.1 kuvjaboost.ml/assets/js/vendors/bootstrap.bundle.min.js
IP 139.144.121.219:0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /assets/js/vendors/bootstrap.bundle.min.js HTTP/1.1
Host: kuvjaboost.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kuvjaboost.ml/
Cookie: token=bf022bf12d93ee82a23eb2e08a6462dc; general_sessions=225b892ef7b0fca9fed2d81ee8c4cd015d976432
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 22:29:25 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 03:43:54 GMT
Accept-Ranges: bytes
Content-Length: 69225
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript