r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12885
Expires: Thu, 02 Feb 2023 05:37:36 GMT
Date: Thu, 02 Feb 2023 02:02:51 GMT
Connection: keep-alive
idoc-pub.programaspc.net/
104.21.73.21 200 OK 48 kB URL HTTP/1.1 idoc-pub.programaspc.net/
IP 104.21.73.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (40843)
Hash eab72cf63c03bd20beb09b6db7dc575d
9618b0d008249d1c612660d7a7c8b133e256f6b2
1064404cf95a73fab41a7d96aaa2d0b87457f291c0affd39d7f8edfcb5db6acf
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
GET / HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:02:51 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=qe2m61u1opdvc24esh2eqmkhtm; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LvdtNJeNE2sFOW9bPU92a7HUEB0wIPMQQMc%2BRJWnyXCcz5GI2izoyQgWyEagi%2BmoYMNS00NPfb1Q6r1bXz%2BSL5XCLAGXMLtY2uxEiplghijGSg%2Fe9tzYi%2Fv93cPYLuMnsw8NaL6VDYfpP0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 792f58d52df20b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11819
Expires: Thu, 02 Feb 2023 05:19:50 GMT
Date: Thu, 02 Feb 2023 02:02:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 01:43:27 GMT
content-type: application/json
age: 1164
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7016
Expires: Thu, 02 Feb 2023 03:59:47 GMT
Date: Thu, 02 Feb 2023 02:02:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ErlmOBSa4KvmMVaayns1GW359NQM/er3sN8uDuzX5YPuLzrg7j0Vhi6haG9BM/+BH4L6s6L+keU=
x-amz-request-id: A05MSDXKY3K2ZNTW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 01:51:47 GMT
age: 664
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.73.21 200 OK 655 B URL HTTP/1.1 idoc-pub.programaspc.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.73.21:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Cookie: view=1; PHPSESSID=qe2m61u1opdvc24esh2eqmkhtm
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:02:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 14:59:41 GMT
ETag: W/"63d7db5d-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxBN5qxcc%2BXEVWV5g%2FoqxkF5wJIxAc5AhO91r6mAKAz5DQ3TxNkoyO21qF97d%2BBwOMpKOiL%2FWj6dAInHHXleYCRIXOR4JrxNeacuJHdL1r2w4i7k6OrwAXbpgp6Pk4dUvqW7gY8GH1JfjjM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f58d7dea70b55-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sat, 04 Feb 2023 02:02:51 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
glimtors.net/ntfc.php?p=4717370
139.45.197.251 200 OK 5.9 kB URL HTTP/1.1 glimtors.net/ntfc.php?p=4717370
IP 139.45.197.251:0
File type C source, ASCII text, with very long lines (14324), with no line terminators
Hash b5f1ce6ad306807085d94576e1bae02a
dbd684ea5d4bf1b6126f1b7139bf6308d1fe28f8
65423936450d3e2794f6ad502f4ba8bd8975032b2a653e5af35f6381cead90b1
GET /ntfc.php?p=4717370 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:51 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Jan 2023 11:03:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d3af98-37f4"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
benumelan.com/1?z=4724958
139.45.197.239 200 OK 7.0 kB URL HTTP/1.1 benumelan.com/1?z=4724958
IP 139.45.197.239:0
File type ASCII text, with very long lines (17093)
Hash 6f0f5dca5c47b4c46e7049b2aeda5f51
57d938e967eb4778dac82ad36f19bf8419d3e565
656268d2754de53ad67b199d695763d7e4148c142cd811b293f797c0f9472bb3
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=4724958 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:51 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
X-Trace-Id: a669dfd5e8d228d197e2e2fd72d7f53f
Access-Control-Expose-Headers: X-Sc
X-Sc: INxWjrNNwvzVlBlUtKdfvboukmE0qz-mpJPGwkAEvIneVQuF-3b4HJo1RqPWTeib4ziI4u74Hecd9n2cK3p3KG4OCFA=
Set-Cookie: scm=1; expires=Fri, 02 Feb 2024 02:02:51 GMT; secure; SameSite=None
OAID=50a2cb28f51149629522b103f3cab5e2; expires=Fri, 02 Feb 2024 02:02:51 GMT; secure; SameSite=None
oaidts=1675303371; expires=Fri, 02 Feb 2024 02:02:51 GMT; secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 02:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
benumelan.com/5/4724942
139.45.197.239 200 OK 24 kB IP 139.45.197.239:0
File type ASCII text, with very long lines (64242), with no line terminators
Hash 6612e2c0e68e9d73fa5e420742ee014e
a2a219b84977e881994a56ee0e4da1609404cd5f
6c6b9249b779dcb029cb18b241221cf07c3df8974e9bcfd7b1ab6e8490c90c5f
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4724942 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 8fbd540afc850d8c4152d7b107a379c6
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=276e693cc19f4e0a96aa064e94c50176; expires=Fri, 02 Feb 2024 02:02:51 GMT; path=/
oaidts=1675303371; expires=Fri, 02 Feb 2024 02:02:51 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=UA-144860406-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144860406-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 6736db62e48097f0582709b10c10a1ce
c6c22c1c966bc1c0519b304e3251b9ac7a1d10ed
ada490c61cef16f4e4fb3197bb94dd1ff7749843bdfbd5c830e1b97421aded51
GET /gtag/js?id=UA-144860406-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 02:02:51 GMT
expires: Thu, 02 Feb 2023 02:02:51 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 00:50:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43952
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/static/javascripts/popper.min.js
104.21.73.21 200 OK 7.8 kB URL HTTP/2 idoc-pub.programaspc.net/static/javascripts/popper.min.js
IP 104.21.73.21:0
File type ASCII text, with very long lines (20141)
Hash 06bfec9deb3610742118a785feacb7e4
7e74738b07813638f921d4b57799b5f85b178985
c0658609c147b674ea9aacfa3c20a649b0e509909b435597ee65775c11892755
GET /static/javascripts/popper.min.js HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: text/javascript;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=7jn7g4di8jtcgg6ctv150aqphq; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmjW9WwaR0MJHIXQZuKG5YVUx7G2m3AnSFfUYUK0DczbSWfKlkKqgo4TZsNuTqdK681%2F2GrXFOf2bvq84SKct565%2FM4Qf6ie%2Ffm%2BGHFC1tRzKQ5X8Vo8Vxf%2FC3qMmOUYYWcfuWh0P%2FUgj1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a790b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/6klzyx6z0yng.jpg
104.21.73.21 200 OK 19 kB URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/6klzyx6z0yng.jpg
IP 104.21.73.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 390x390, components 3\012- data
Hash 3fa0482e9abe9bbf116fde6c6998d39b
8bb8fe37a3473619932c8801798b4eae066ed012
ebbcbcbdfd8e6d434f38b69e64220c076f87f8694169af4234114d5bbc7c0298
GET /img/crop/300x300/6klzyx6z0yng.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=69ao531pg1q2u00r7j9rmv49aq; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahIjC5FFOenIY7AlKioH0C7GAUDuHEH8XuhVOQXN8Z6E5FeKZQzHYc13gHRKq62bwQdCd5smPjcUwGG2xAWHqgDbdFQaMz0f2VjBNYFP1gZ4jdKVKXyR2vniNPmdaoNYH31nOimsFmxRVYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a810b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11181
Expires: Thu, 02 Feb 2023 05:09:13 GMT
Date: Thu, 02 Feb 2023 02:02:52 GMT
Connection: keep-alive
heartilyscales.com/87/6b/74/876b74812be8762e152c61679c29a3f5.js
192.243.59.20 200 OK 13 kB URL HTTP/1.1 heartilyscales.com/87/6b/74/876b74812be8762e152c61679c29a3f5.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37168), with no line terminators
Hash 5b5077573ddc8ccaa50b91777f905159
ec27fa5537a6d7a59fcb63a0e88c4c73ad624d0d
9459587f2fe9c004b9387b9b2dc71b2e1bbaab46fd5f55c6a8adc4cd827caab2
Analyzer Verdict Alert quad9 Sinkholed
GET /87/6b/74/876b74812be8762e152c61679c29a3f5.js HTTP/1.1
Host: heartilyscales.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 02:02:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 573dbfce0112d37a1c3dcfc565479be7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
use.fontawesome.com/releases/v5.8.1/webfonts/fa-regular-400.woff2
172.64.132.15 200 OK 14 kB URL HTTP/2 use.fontawesome.com/releases/v5.8.1/webfonts/fa-regular-400.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 13552, version 329.-17761\012- data
Hash e6257a726a0cf6ec8c6fec22821c055f
8583a4f0dd12e15a48b3395593307a84d971cc33
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
GET /releases/v5.8.1/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: font/woff2
content-length: 13552
x-amz-id-2: pULYmR8t5Chx+zVS8rNUP/LpyVuXjlmE3nQPwHC/R4vUICUOXGfbFqai+WhAdCzrlrMwBpopu7o=
x-amz-request-id: M806X5CZ7MZD5N87
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
etag: "e6257a726a0cf6ec8c6fec22821c055f"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnanPorg2aSRuIQ1XKTXyQK73p7A8wjRITixKO503sfF4obkyICpJakvxlNUZ4Ea8i9pofRkbo3dbPfgOz2%2FEpmzo%2BIHeZztRoYWxbex95rsWqziOpExFQ0729nyUPF7XbY76agS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f58db5fa17708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
172.64.132.15 200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 74256, version 329.-17761\012- data
Hash 418dad87601f9c8abd0e5798c0dc1feb
a6b003ef506e92d05cde73adf67487d7fd7ec6df
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
GET /releases/v5.8.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: font/woff2
content-length: 74256
x-amz-id-2: QSEWZq6815ykHnKImzSkb86LvONj8rpoKY5LGzRh7FdiCbvBKAe4w7vjDre8e4B8rI6u2rm/OVQ=
x-amz-request-id: M80FNKX07N2CHFVF
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
etag: "418dad87601f9c8abd0e5798c0dc1feb"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HC2DN8US2%2BE3N6Uu5wd79QWIUX9POwqpW%2FygkqWVI137gnfBGLJiLPdGGqTyo%2FFM0c4sFgZkG%2F1HKW1LS16cXGy1p6jbse59h2U8NLPObvhTnLHmJ%2F1Vhyb6O%2BIDtgt%2FGLJrw%2B%2F8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f58db3f837708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.167.125.33 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.125.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OAeT5NHMxjeNykDK+iF1PA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Wo/U6qU+b/juERTVaxa8GGUPc8c=
idoc-pub.programaspc.net/user.php
104.21.73.21 200 OK 25 B URL HTTP/1.1 idoc-pub.programaspc.net/user.php
IP 104.21.73.21:0
Hash 363f411ba212d4d1ccf7856f856145e9
08331057577f273187dd15e7c6f57937835e0aff
c50b40612adfdbf2e228758746fc7927cf440cb9bb5a8280c00d7946632a1943
POST /user.php HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 39
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Cookie: view=1; PHPSESSID=8b04n0rnko57g1b6f7ovg1v52g
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:02:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8OOtG345DdnAe0%2Bevcrgj7AGEcnHDjVeZWXb0mJTa1ZAeOEHTkfFxV5%2F4V5NfYzYoNxfd9JF3%2FJGvXqa258qHZQKnJN0YCu5gWGvSLPS0jaI2eCrFEZGs0fN25WuyvgEJcFE0BXm3pTlhY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 792f58dd78180b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
idoc-pub.programaspc.net/static/javascripts/jquery.min.js
104.21.73.21 200 OK 26 kB URL HTTP/2 idoc-pub.programaspc.net/static/javascripts/jquery.min.js
IP 104.21.73.21:0
File type ASCII text, with very long lines (65451)
Hash f19198d6ab252f0891cc640d94ea3a8f
6be329e535564a5d11ae202b86e759e765bf55f6
a84b80f05876d04ce28c0c0fc642b5c1b33b0d640bb2d6ce86f77b0e2b1353e3
GET /static/javascripts/jquery.min.js HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: text/javascript;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=d7kgovjpcmosugesj85rif13bv; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87jHt5ujIFSL91WUVVyEGYNZjSYuGC5NcCiUWZyhhycSrhWnrHn%2Bwvvsb09BZkDKceIs%2F0kXDYC%2FfPJ3ymRek4M5yJ8oSFeiN41d15jYQbU7wdy%2Fh8Xpgjwdp8eZZQAXNxmAPCiyYydim9I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a780b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/2nv58pewq9lk.jpg
104.21.73.21 200 OK 6.1 kB URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/2nv58pewq9lk.jpg
IP 104.21.73.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 390x390, components 3\012- data
Hash 059f63711214fdbcebcdd398dc81dd51
02c1cb547a56d356a2ed0ebe3700841b8335d1b6
4f75a3817fa75c5d2614aa4617bc3467a0a172125e1c42404018f46feecdc218
GET /img/crop/300x300/2nv58pewq9lk.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=ech492lel4qa1pqkn61qgjch6c; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i142jeeKhE50pFnF6DJEIaYcr%2FrwNpycUm%2B11xdijESfT5A9hmm9HHjGkQjsizDAGQKygAJMLhsSipJhOKI86fqIqZQ%2BEC3W3J%2BG5973aPDVNnvNA%2F5hekI4%2BdvAAnKuDCxLPsOOmoqQAnk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a8d0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/wl1p6go0ovlj.jpg
104.21.73.21 200 OK 47 kB URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/wl1p6go0ovlj.jpg
IP 104.21.73.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 390x390, components 3\012- data
Hash ef50b921ca70c11602e988921b616254
20c8e1a69eae7c07869685884351df32319a9afb
18ea20f34c9f44d6f010414d9f3e4d6661aebf65dc6a2cc5591a45de81c9c480
GET /img/crop/300x300/wl1p6go0ovlj.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=cfk7eno0jqhm9k3cp5f866798v; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpTKhk0opJT5PCbBXPzSt3Nd4Sx0cTFp%2BGe%2FQgyptU7YyLFpY5b2l4jhtvUN0z6xV6yS%2BLAwHWiEnEn9xY9TuoQ3PeTvblvBfhwM7P3Q9GbxS3zQmMc%2FpQnzZdjyxdhEVjNic7oRF3mSFTA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a8e0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/vnd56vp1wrlx.jpg
104.21.73.21 200 OK 44 kB URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/vnd56vp1wrlx.jpg
IP 104.21.73.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 390x390, components 3\012- data
Hash 6acae5d72801007d64c5fbe530331e42
1a90c3ed0231663fb9bc98b37cecbe0e753b3b06
0cfad1d6d05a81ec2ec9245652a220087c91a096e11b841f9b6ad0f64d481553
GET /img/crop/300x300/vnd56vp1wrlx.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=3jm2o9e4fagib0qfr68p6lt6s5; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADaoKyjfTBfQCCgkq%2F3RwaKLSh9EDaTv1S5bLvO%2FkuZKDkQXIU6cfPWR724kTqcQqsTvg%2BefWurrXQwlhv7NWudKkjzlaDX3AgC6noa1U%2BwU6i8N%2F3dRweyD5fZ6asI8qo5%2FoHDWj3%2BlzYU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a870b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rndskittytor.com/400/4724965
139.45.197.238 200 OK 33 kB URL HTTP/1.1 rndskittytor.com/400/4724965
IP 139.45.197.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 744bf4685ef4c08fdd3a1dfad1e94976
e23e829d3b0b76d2071b2b6c4e3d21e82b363cbe
ca8ef4f3e1a1cf75e4b4a0d9fc32023f24834c45f74b05b1e73ae0896579ba0d
Analyzer Verdict Alert quad9 Sinkholed
GET /400/4724965 HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 2ebb4243ab75705bea218f81b883fd71
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=d111fc6b06c84ebf9741c7fe8f18bd32; expires=Fri, 02 Feb 2024 02:02:52 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
rndskittytor.com/400/4837723
139.45.197.238 200 OK 33 kB URL HTTP/1.1 rndskittytor.com/400/4837723
IP 139.45.197.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7ca650edf2fe846a5ba14b3b8f248213
1739b863fe0b50389eac2279beef668e6d677d45
46368eec25be3fe2b05ce616de8f0947579d7d1c133c21d847d97770282bf049
Analyzer Verdict Alert quad9 Sinkholed
GET /400/4837723 HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: b9766044636af2ecc5998b655635f1e7
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=9b40e040e3c74c428211594f4a67ec5e; expires=Fri, 02 Feb 2024 02:02:52 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 80f52df5e0a02860681823dcf39a1486
d111804cbf5a2d82c76ef23ba669cce449f58a2b
dc92cc3256aa62c665e792c752d00c325ba5ba885c3c19052ab9a2165ce84475
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133478
Date: Thu, 02 Feb 2023 02:02:52 GMT
Etag: "63da6996-1d7"
Expires: Fri, 03 Feb 2023 15:07:30 GMT
Last-Modified: Wed, 01 Feb 2023 13:31:02 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: T-fPF0oOUuJTRP_FLtyn-KiOcsJarAnvt1orz--M8hpwZKE_OKmIHA==
Age: 5788
idoc-pub.programaspc.net/img/crop/300x300/2nv8wqz690lk.jpg
104.21.73.21 200 OK 62 kB URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/2nv8wqz690lk.jpg
IP 104.21.73.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 390x390, components 3\012- data
Hash a736bd7c90ef7481bab47440eaa3a567
2e29f5c34c8aafa483e86881aa01cec196872be4
f4b5786af3022eabda2473b36491a42b80ec7eba3d1e434fe745a04f67639556
GET /img/crop/300x300/2nv8wqz690lk.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=v65k06cmfq2u6c03cc013chiuq; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVBMJP4hcP0hYx%2BBObrzlDsbNZDpine0F8AhG8IKpKF6YvIpjXHbs%2FhQGksn06SMMhjG%2FLwhjxCRGBBpiQiELb2hLwqdO72yCFcKDAW%2F08yncIvXky2SSowYDGmFjhwgpUVYlFCRH6QVQZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a890b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash d8afa5e61049d061d8a056a75668d452
755b1e6ebf03c6f3e5df2190f7296745e2a00214
de17932893f43dda06ecde9cf6d74223feb3116e76db033898bb4e1a0835e37d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-credentials: true
set-cookie: uid_id2=dbb13b07-2e7e-405c-8137-531ada76238d:3:1; expires=Sun, 30 Jan 2033 02:02:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5be9132364a718119f7a0e6fe82942b
bf51ecba7321f80452262c57fbcc29b7a8180c49
bf1a1459592da779659ddf8613864fcc4f4341342a54551a71b43920532227bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF1A1459592DA779659DDF8613864FCC4F4341342A54551A71B43920532227BF"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5565
Expires: Thu, 02 Feb 2023 03:35:37 GMT
Date: Thu, 02 Feb 2023 02:02:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5be9132364a718119f7a0e6fe82942b
bf51ecba7321f80452262c57fbcc29b7a8180c49
bf1a1459592da779659ddf8613864fcc4f4341342a54551a71b43920532227bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF1A1459592DA779659DDF8613864FCC4F4341342A54551A71B43920532227BF"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5565
Expires: Thu, 02 Feb 2023 03:35:37 GMT
Date: Thu, 02 Feb 2023 02:02:52 GMT
Connection: keep-alive
idoc-pub.programaspc.net/img/crop/300x300/6nge61767klv.jpg
104.21.73.21 200 OK 44 kB URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/6nge61767klv.jpg
IP 104.21.73.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 390x390, components 3\012- data
Hash 7f9ae962b5a83e8fef017f11387837c9
7e9b8c8f8e728f3496084786a89e9225a4f06fae
ff3fcc3b198f96fe5d6edb505380a52734eda817e72c229df21a5afe8d12173b
GET /img/crop/300x300/6nge61767klv.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=872p09usmmfg6j6obhbguetu6c; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBR%2FFSgBQgDXjvVaZooxdQ0lMV14sitvRzVquIqjK%2FTfWqql%2BE7mZDpFLJ7T2bw%2B%2Fphz0fmqkUDaq8tTnMKk0s3KIjIYy8SjwjfIm3n1%2B5j%2F0B5soPM6UCpddSOncKZ0bW0pbPS6vubecBk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a8b0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
overzubatan.com/5/4724942
139.45.197.239 200 OK 24 kB URL HTTP/1.1 overzubatan.com/5/4724942
IP 139.45.197.239:0
File type ASCII text, with very long lines (64246), with no line terminators
Hash 700dbb9c2f3103d36aaea68e568e9ab1
fbbc9d2f02129b078184b22e6a0c1127a045e11c
5dabf1c6d8e4b7adc3cb059e3edf69f4d0cbd8acd66c3ea24ddb84035f4611ca
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4724942 HTTP/1.1
Host: overzubatan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 51e29cf27b2ec7b52dbbe66068656f3e
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=d4727433d1a94dabba8488b032895f6d; expires=Fri, 02 Feb 2024 02:02:52 GMT; path=/
oaidts=1675303372; expires=Fri, 02 Feb 2024 02:02:52 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
idoc-pub.programaspc.net/static/images/-2.jpg
104.21.73.21 200 OK 129 kB URL HTTP/2 idoc-pub.programaspc.net/static/images/-2.jpg
IP 104.21.73.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (61649)
Size 129 kB (129314 bytes)
Hash c56fecdcd2992a0953aed2857f981796
15bc307baf467104eb19401c78a4f96edd56e8c8
3fa18b8c094bcabacc47b9e14c0646aa989412586bb9b0423a996458fc492339
GET /static/images/-2.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=29vjbt0iog6lkl2gber4s3a93e; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQSSbte5a6FXDTjpQg5rArWLx%2Bl9fzyRMEe1t5IrLZwy1RMxCPUAi9v9w0gqntZtqPAmFUsvKXwaylYxr2E1NLUrfKN%2FeRPcZLMjcNQZHPPbVpbkTFtsDGhLMVtxM8xR3KQ%2FWQsjSqdn7Zs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a830b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/static/javascripts/main.js?v=1675295335
104.21.73.21 200 OK 2.1 kB URL HTTP/2 idoc-pub.programaspc.net/static/javascripts/main.js?v=1675295335
IP 104.21.73.21:0
File type ASCII text, with very long lines (1249)
Hash 4337e0e0a442c8d33e6a171d00753e80
21df9cf558525540403e797e075f2ce1a85aade2
18c433e804a915f0b51ca745cf91aeec13c42002bce85c95e5af3ba95138dcd3
GET /static/javascripts/main.js?v=1675295335 HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: text/javascript;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=8b04n0rnko57g1b6f7ovg1v52g; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4AUQOlpKkF6m0P0g6H96qa645AeATBMvAqE1Ac2yy6TaTARJIVRXsEpzYpUY2hu6%2BAI%2F0qW7duMfhTbluuX%2FjsRtjLsghsdPnq1oFa684WCEVMl63N51tNoNVA6WwLNetsR3O359RUhOfs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a7d0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/static/images/-1.jpg
104.21.73.21 200 OK 129 kB URL HTTP/2 idoc-pub.programaspc.net/static/images/-1.jpg
IP 104.21.73.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (61649)
Size 129 kB (128876 bytes)
Hash d95bf6850819e2e631a8f8cb2e0a1918
735e84b133261c630bdec70dbbf3213a763d1650
e633a324a94b857be8712ad03981f2372d946e4514642dc45d41c62e666a414a
GET /static/images/-1.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=oh14cpco030nsa164dfod55llr; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLtOJ27sHdy3xVs%2Bjs52gq9IiJ5iS7x7yAMTEpOBXc%2BzJ4OaMcQvsVk2UgVMGzf11X95ZM64esgDgHhVJkFtM4bnblTb9JNsINuzhohunIYUpd6%2B6K800fN0JF32ZkRMvWn1EkFXNDZ4laY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a820b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.78 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 01:45:20 GMT
expires: Thu, 02 Feb 2023 03:45:20 GMT
cache-control: public, max-age=7200
age: 1053
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 00825eed252f4afa46f26f88cd5f9b78
a08e0df1159dfc1b288ba8f2569179b2879c05e3
e5a7161b9629f93e9a480762319a289d93aabcbbc0f4bfcf7fb2707aaa59e1df
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:02:53 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 05 Feb 2023 22:10:11 GMT
ETag: "a08e0df1159dfc1b288ba8f2569179b2879c05e3"
Last-Modified: Wed, 01 Feb 2023 22:10:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3330
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792f58e2ac8fb4f7-OSL
mc.yandex.ru/metrika/tag.js
93.158.134.119 200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Thu, 02 Feb 2023 02:02:53 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Thu, 02 Feb 2023 03:02:53 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 761c70aea865f27c277a60a7aa196529
a55e89e7211c22ccbe79c3fbb490ccfc60e81b66
54fcff75930ad3a9bc7b3a74630bd63ebabcaaffd767dcd6beaf7f3160f11c8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 02:02:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 15:49:36 GMT
Expires: Wed, 08 Feb 2023 15:49:35 GMT
Etag: "a55e89e7211c22ccbe79c3fbb490ccfc60e81b66"
Cache-Control: max-age=567401,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792f58e30b670b59-OSL
idoc-pub.programaspc.net/static/images/google-play-badge.png
104.21.73.21 302 Found 12 B URL HTTP/2 idoc-pub.programaspc.net/static/images/google-play-badge.png
IP 104.21.73.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
GET /static/images/google-play-badge.png HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=70vu023011ojskk682rf6gqn3p; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKrBolW%2F%2F34VneuvG5KASQjvEU8vSIFLcGlmlda%2FRwo01pH2bV6itiOwBAa9H%2BtbNZ59nRKBnryIqSM6cE8hXm1PH6H4sqkE4ko%2BZEHAdKy8ksuISKdMSkLbZ%2BoSS0PF68tYpD8FJ5sv7bY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d81a910b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash d8afa5e61049d061d8a056a75668d452
755b1e6ebf03c6f3e5df2190f7296745e2a00214
de17932893f43dda06ecde9cf6d74223feb3116e76db033898bb4e1a0835e37d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Cookie: uid_id2=dbb13b07-2e7e-405c-8137-531ada76238d:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
benumelan.com/?rb=vhDxbj4PWOny6wKFHVRn0rQe-Eh8WhAUZizVSjo_P76Sh5v5nJ6rPPdByQTl0Qu71s2yAYx3St4e-xJZEwBhI_TiJ5QQWdJQkuKANuIW13xJ13LUA5Z-U0g35Z45LXD0FQk66epK5U6bYtmdCjJyVWQnPi04t6DhS1slcXknSwIVZ3rxwjUPj7_OLlumtYvraCn8EJaP80i9zS5kPBU8FU94Phf3SiLniHV1z47gzN5hadg5KmPR0w%3D%3D&request_ab2=0&zoneid=4724942&js_build=iclick-v1.478.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.478.0&bs=c6c0a1e5-d37e-45f2-b28f-82091a91c8ae&userId=276e693cc19f4e0a96aa064e94c50176&m=link
139.45.197.239 200 OK 1.3 kB URL HTTP/1.1 benumelan.com/?rb=vhDxbj4PWOny6wKFHVRn0rQe-Eh8WhAUZizVSjo_P76Sh5v5nJ6rPPdByQTl0Qu71s2yAYx3St4e-xJZEwBhI_TiJ5QQWdJQkuKANuIW13xJ13LUA5Z-U0g35Z45LXD0FQk66epK5U6bYtmdCjJyVWQnPi04t6DhS1slcXknSwIVZ3rxwjUPj7_OLlumtYvraCn8EJaP80i9zS5kPBU8FU94Phf3SiLniHV1z47gzN5hadg5KmPR0w%3D%3D&request_ab2=0&zoneid=4724942&js_build=iclick-v1.478.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.478.0&bs=c6c0a1e5-d37e-45f2-b28f-82091a91c8ae&userId=276e693cc19f4e0a96aa064e94c50176&m=link
IP 139.45.197.239:0
File type JSON data\012- , ASCII text, with very long lines (1627), with no line terminators
Hash 1f817e7e7727a732a829fb2f5f2dfa13
f5c7e07303c20a740ff4df53fe4ccfc0d084e87d
876f66a0582f55f9a8c1810d382d011308a6b413fea220f74dc7b405a9769f6d
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=vhDxbj4PWOny6wKFHVRn0rQe-Eh8WhAUZizVSjo_P76Sh5v5nJ6rPPdByQTl0Qu71s2yAYx3St4e-xJZEwBhI_TiJ5QQWdJQkuKANuIW13xJ13LUA5Z-U0g35Z45LXD0FQk66epK5U6bYtmdCjJyVWQnPi04t6DhS1slcXknSwIVZ3rxwjUPj7_OLlumtYvraCn8EJaP80i9zS5kPBU8FU94Phf3SiLniHV1z47gzN5hadg5KmPR0w%3D%3D&request_ab2=0&zoneid=4724942&js_build=iclick-v1.478.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.478.0&bs=c6c0a1e5-d37e-45f2-b28f-82091a91c8ae&userId=276e693cc19f4e0a96aa064e94c50176&m=link HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:53 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 4ef513aed444da2669bf803519a2408d
Access-Control-Allow-Origin: http://idoc-pub.programaspc.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=276e693cc19f4e0a96aa064e94c50176; expires=Fri, 02 Feb 2024 02:02:53 GMT; path=/
oaidts=1675303373; expires=Fri, 02 Feb 2024 02:02:53 GMT; path=/
syncedCookie=true; expires=Thu, 09 Feb 2023 02:02:53 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
glizauvo.net/500/5108418?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236 200 OK 0 B URL HTTP/1.1 glizauvo.net/500/5108418?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5108418?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:53 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, OPTIONS
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://idoc-pub.programaspc.net
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
rndskittytor.com/500/4724965?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238 200 OK 0 B URL HTTP/1.1 rndskittytor.com/500/4724965?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/4724965?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:53 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, OPTIONS
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://idoc-pub.programaspc.net
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2540
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 02:02:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2540
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 02:02:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2540
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 02:02:53 GMT
Connection: keep-alive
glizauvo.net/500/5108418?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236 200 OK 925 B URL HTTP/1.1 glizauvo.net/500/5108418?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1140), with no line terminators
Hash a99e6b44b6fa006eee77ad827c9e7f3a
3963ca449e935ef4bdb773f9495230092e460f07
b5db7258c2878974b8aab681132190c38403400e59685f7163b32c9214a2b406
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5108418?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 766996c92dac7391ef7267b3be973722
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: http://idoc-pub.programaspc.net
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=276e693cc19f4e0a96aa064e94c50176; expires=Fri, 02 Feb 2024 02:02:53 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2540
Expires: Thu, 02 Feb 2023 02:45:13 GMT
Date: Thu, 02 Feb 2023 02:02:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 14702
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 91987222-d376-4099-a4e9-5f877b5212be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzO2FSDIAMFktg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325e-281a7e062ee3039d42ae8f83;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SEH32iK4aCkxhxQyu3fSlW8uVM1Oj5hwnl2U09k_THEOdAqdEeVMJw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:03:43 GMT
age: 14350
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: f47f7616-41aa-4983-8ada-20f6f0b6856b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frfXtHkUoAMFr1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadf64-083a903959cdab540bd38265;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:53:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UqoeSWse0jZAC3IEIWk5fj9q_4xsAoZRkn67U4m2L5NkayHxsAYmlA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:35 GMT
age: 14538
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/klzoowdozy4g.jpg
104.21.73.21 200 OK 56 kB URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/klzoowdozy4g.jpg
IP 104.21.73.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 390x390, components 3\012- data
Hash 992be48d3c782a8e42483b35bc8af932
8b81cb3848117006c666be0c87a49c31db334b48
8a1c4601eafcf19aa4d677b7a420f4c3c682fa4dbbf22b4effdb12362beaeb40
GET /img/crop/300x300/klzoowdozy4g.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
set-cookie: PHPSESSID=f7lcd6f4uhsdgbm08coe7apvm3; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHKto8ER2KRPXUrYbFWEraSZ8A48CrD9SOPbMyI1qhqgvmKjlzfDl95SszpN5y6voOWu%2Fpv4YNqsMNX1ktxmlCxcQoyqRtHl0oummraFBpELoAlbUyaURhv4rdjgHNEQP%2BFHvvV2KWz0aIE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a8f0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:54:58 GMT
age: 14875
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
benumelan.com/27/dae1eb9bef878cda2f3d5a0907ef4d01
139.45.197.239 200 OK 155 kB URL HTTP/2 benumelan.com/27/dae1eb9bef878cda2f3d5a0907ef4d01
IP 139.45.197.239:0
Size 155 kB (154987 bytes)
Hash 7177afcb4681f76e1aa4678032a828d5
221c834266df57cef2481703ab70dd5c8005ad2b
a0f161d44c3e86f22d955abff047c45314749c3102edcacd60173cfd0a9b7e5f
Analyzer Verdict Alert quad9 Sinkholed
GET /27/dae1eb9bef878cda2f3d5a0907ef4d01 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Fri, 27 Jan 2023 06:22:51 GMT
expires: Fri, 26 Feb 2083 06:22:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
benumelan.com/9?z=4724958&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=276e693cc19f4e0a96aa064e94c50176
139.45.197.239 204 No Content 0 B URL HTTP/2 benumelan.com/9?z=4724958&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=276e693cc19f4e0a96aa064e94c50176
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=4724958&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=276e693cc19f4e0a96aa064e94c50176 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 02:02:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=cc888dc3cd484f33b086b26578d969cf&zoneId=4717370&checkDuplicate=true&ymid=&var=
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=cc888dc3cd484f33b086b26578d969cf&zoneId=4717370&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ee3eefdf767da86de573e392427f843a
9613fea126aa31c77759ff27a53d0367864076fb
d06cd6f411601533bab6677bd9d9145c66ea0fb648e9e62bd6a3d558bbc889d5
GET /gid.js?pub=0&userId=cc888dc3cd484f33b086b26578d969cf&zoneId=4717370&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Cookie: ID=276e693cc19f4e0a96aa064e94c50176
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=276e693cc19f4e0a96aa064e94c50176; expires=Fri, 02 Feb 2024 02:02:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
rndskittytor.com/500/4724965?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238 200 OK 924 B URL HTTP/1.1 rndskittytor.com/500/4724965?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1148), with no line terminators
Hash e70f639e92bf535aef595acf13ca13d3
b78779b74456b608f98e5873cf8fbe3d222b6db1
533e96599c592ec78573cbf5a8773ace0667a0ad1e07a56ae6f2f00232a9f2e1
Analyzer Verdict Alert quad9 Sinkholed
GET /500/4724965?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 950f0dbb66454776879f0c8a834374a9
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: http://idoc-pub.programaspc.net
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=276e693cc19f4e0a96aa064e94c50176; expires=Fri, 02 Feb 2024 02:02:53 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
172.67.22.216 200 OK 14 kB URL HTTP/2 offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 7d763937692f59aea0578ffe58c10ee0
b3a4cc4fd1a0d8319e59057e535b0b19f1a3b35b
2d7300c572db1683cbc8071be4bbaf31b00954193f6f82d453c99a7a58bd7620
GET /www/images/7d763937692f59aea0578ffe58c10ee0.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: image/jpeg
content-length: 13778
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63888441-35d2"
expires: Thu, 02 Feb 2023 20:37:09 GMT
last-modified: Thu, 01 Dec 2022 10:38:57 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 19544
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58e628150afe-OSL
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://idoc-pub.programaspc.net/
Content-Type: application/json
Origin: http://idoc-pub.programaspc.net
Content-Length: 621
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7a6c82c921d773d1f990792ebc6fda55
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
benumelan.com/9?z=4724958&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=276e693cc19f4e0a96aa064e94c50176
139.45.197.239 200 OK 2.7 kB URL HTTP/2 benumelan.com/9?z=4724958&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=276e693cc19f4e0a96aa064e94c50176
IP 139.45.197.239:0
Hash f8dd2df737f331886a5e3ca39ddb367d
ce2abb6c34a2dfef91925677d61967365d53cb0e
5d00835ffa1111d623fe084c4243f5ce195af588bfe5c21972060bb8b1e5951a
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=4724958&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=276e693cc19f4e0a96aa064e94c50176 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 108
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 76be976c6d42234df00e85f2aba310a7
access-control-expose-headers: X-Sc
x-sc: xU928FsZv--vJibZdAnC7ZcAqeZWfe7_Vj1iRtNLMrVd_iKB1CV8dpTIx60DWIwbudU-E0IFjruj5nenV07mSAeF-Bs=
set-cookie: scm=1; expires=Fri, 02 Feb 2024 02:02:53 GMT; secure; SameSite=None
OAID=276e693cc19f4e0a96aa064e94c50176; expires=Fri, 02 Feb 2024 02:02:53 GMT; secure; SameSite=None
oaidts=1675303373; expires=Fri, 02 Feb 2024 02:02:53 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ca2ec6f5ca0c087161c9782bde0a1ae8
ff047b8ca48625528806889b01f686fb657a1b62
fb2cd27a067f046be33a8e6a1bc4bbff335c7717bea9210f302737fc67e67a43
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB2CD27A067F046BE33A8E6A1BC4BBFF335C7717BEA9210F302737FC67E67A43"
Last-Modified: Wed, 01 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10096
Expires: Thu, 02 Feb 2023 04:51:09 GMT
Date: Thu, 02 Feb 2023 02:02:53 GMT
Connection: keep-alive
benumelan.com/11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=258
139.45.197.239204 No Content 0 B URL HTTP/2 benumelan.com/11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=258
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=258 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sc
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 02:02:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
benumelan.com/11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=258
139.45.197.239200 OK 0 B URL HTTP/2 benumelan.com/11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=258
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=258 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Sc: xU928FsZv--vJibZdAnC7ZcAqeZWfe7_Vj1iRtNLMrVd_iKB1CV8dpTIx60DWIwbudU-E0IFjruj5nenV07mSAeF-Bs=
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Cookie: scm=1; OAID=276e693cc19f4e0a96aa064e94c50176; oaidts=1675303373
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: c0a7e5366b0ba69889d26223cdf47985
access-control-expose-headers: X-Sc
x-sc:
set-cookie: OAID=276e693cc19f4e0a96aa064e94c50176; expires=Fri, 02 Feb 2024 02:02:53 GMT; secure; SameSite=None
oaidts=1675303373; expires=Fri, 02 Feb 2024 02:02:53 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
glimtors.net/pfe/current/defaultSkin.min.js
139.45.197.251 200 OK 20 kB URL HTTP/2 glimtors.net/pfe/current/defaultSkin.min.js
IP 139.45.197.251:0
Hash 85d9a01b5a5f893ac6558cb2b4c1b568
1a9f425ef71ae97dbbdeff512f0bad8ad2905986
db0ebd5eb176342d7ca5dc4aa3ac08943b8b78041161fbd876e617ee260da2bd
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-df63"
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://idoc-pub.programaspc.net/
Content-Type: application/json
Origin: http://idoc-pub.programaspc.net
Content-Length: 381
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 009b49d944593700265425a2b23a02fe
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=dbb13b07-2e7e-405c-8137-531ada76238d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=876b74812be8762e152c61679c29a3f5&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=dbb13b07-2e7e-405c-8137-531ada76238d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=876b74812be8762e152c61679c29a3f5&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=dbb13b07-2e7e-405c-8137-531ada76238d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=876b74812be8762e152c61679c29a3f5&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 02 Feb 2023 02:02:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a41f031b1a803ff0b716f4bca5f74c6
Strict-Transport-Security: max-age=0; includeSubdomains
interstitial-07.com/contents/s/71/23/05/e8fe68574c40b7e25dd26970dc/01534287215884.jpeg
139.45.197.155 200 OK 18 kB URL HTTP/2 interstitial-07.com/contents/s/71/23/05/e8fe68574c40b7e25dd26970dc/01534287215884.jpeg
IP 139.45.197.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 712305e8fe68574c40b7e25dd26970dc
1f0a0f3102897227b7edfcdae22737511ccd87e0
8d1cdd0256eba854bb29caa4bbd45a7b6e71928b9a2fd878485bd85a85bf6eef
GET /contents/s/71/23/05/e8fe68574c40b7e25dd26970dc/01534287215884.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=iSNWy4rID4OXSxD&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D1189397921%26z%3D4724958%26b%3D16336478%26c%3D6497346%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DjYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D1fe45ed7-a597-4fc8-b548-24d544c014ca%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fidoc-pub.programaspc.net%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3DxU928FsZv--vJibZdAnC7ZcAqeZWfe7_Vj1iRtNLMrVd_iKB1CV8dpTIx60DWIwbudU-E0IFjruj5nenV07mSAeF-Bs%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:54 GMT
content-type: image/jpeg
content-length: 18020
last-modified: Wed, 14 Dec 2022 17:37:10 GMT
vary: Accept-Encoding
etag: "639a09c6-4664"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/8c/73/ef/f26d7b8644a42654870f26bd56/0719004534516.jpeg
139.45.197.155 200 OK 35 kB URL HTTP/2 interstitial-07.com/contents/s/8c/73/ef/f26d7b8644a42654870f26bd56/0719004534516.jpeg
IP 139.45.197.155:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 8c73eff26d7b8644a42654870f26bd56
762a5b0e9df2dbd99ab77b4f8f6061fe826072b5
22522e9a52728bbdbe0731b9b1bbca0a0ad89bd55373a4271f2c5bf241239d66
GET /contents/s/8c/73/ef/f26d7b8644a42654870f26bd56/0719004534516.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=iSNWy4rID4OXSxD&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D1189397921%26z%3D4724958%26b%3D16336478%26c%3D6497346%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DjYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D1fe45ed7-a597-4fc8-b548-24d544c014ca%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fidoc-pub.programaspc.net%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3DxU928FsZv--vJibZdAnC7ZcAqeZWfe7_Vj1iRtNLMrVd_iKB1CV8dpTIx60DWIwbudU-E0IFjruj5nenV07mSAeF-Bs%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:54 GMT
content-type: image/jpeg
content-length: 35106
last-modified: Wed, 14 Dec 2022 17:37:04 GMT
vary: Accept-Encoding
etag: "639a09c0-8922"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 02:02:54 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Thu, 02 Feb 2023 03:02:54 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/90922299?wmode=7&page-url=http%3A%2F%2Fidoc-pub.programaspc.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1082%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1409811824495%3Ahid%3A295693856%3Az%3A0%3Ai%3A20230202020317%3Aet%3A1675303398%3Ac%3A1%3Arn%3A875280360%3Arqn%3A1%3Au%3A1675303398922442342%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C2%2C156%2C85%2C-5%2C0%2C%2C1495%2C2%2C%2C%2C%2C1874%3Aco%3A0%3Ans%3A1675303395023%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675303398%3At%3ADocuments%20and%20E-books&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/90922299?wmode=7&page-url=http%3A%2F%2Fidoc-pub.programaspc.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1082%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1409811824495%3Ahid%3A295693856%3Az%3A0%3Ai%3A20230202020317%3Aet%3A1675303398%3Ac%3A1%3Arn%3A875280360%3Arqn%3A1%3Au%3A1675303398922442342%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C2%2C156%2C85%2C-5%2C0%2C%2C1495%2C2%2C%2C%2C%2C1874%3Aco%3A0%3Ans%3A1675303395023%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675303398%3At%3ADocuments%20and%20E-books&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash d7c01a89f73147d04905f2135395ed77
19a074d086c029411406049a1f7204c30cf1cc10
cb4170550b63f518bf1710703399163ecd2ca78c7461be34f0fef564fa030310
GET /watch/90922299?wmode=7&page-url=http%3A%2F%2Fidoc-pub.programaspc.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1082%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1409811824495%3Ahid%3A295693856%3Az%3A0%3Ai%3A20230202020317%3Aet%3A1675303398%3Ac%3A1%3Arn%3A875280360%3Arqn%3A1%3Au%3A1675303398922442342%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C2%2C156%2C85%2C-5%2C0%2C%2C1495%2C2%2C%2C%2C%2C1874%3Aco%3A0%3Ans%3A1675303395023%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675303398%3At%3ADocuments%20and%20E-books&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/90922299/1?wmode=7&page-url=http%3A%2F%2Fidoc-pub.programaspc.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1082%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1409811824495%3Ahid%3A295693856%3Az%3A0%3Ai%3A20230202020317%3Aet%3A1675303398%3Ac%3A1%3Arn%3A875280360%3Arqn%3A1%3Au%3A1675303398922442342%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C2%2C156%2C85%2C-5%2C0%2C%2C1495%2C2%2C%2C%2C%2C1874%3Aco%3A0%3Ans%3A1675303395023%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675303398%3At%3ADocuments%20and%20E-books&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Thu, 02 Feb 2023 02:02:54 GMT
access-control-allow-origin: http://idoc-pub.programaspc.net
set-cookie: yabs-sid=1130651041675303374; Path=/; SameSite=None; Secure
i=gVtqWGJVp1ribRF72nNl+S5U6znkudNZapogVXFvYouOAMU+6jgT1RriDBVI8X8FxxvPETmkLsM4FjVoWu72LsphHK0=; Expires=Sun, 30-Jan-2033 02:02:41 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1123729861675303374; Expires=Fri, 02-Feb-2024 02:02:54 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1123729861675303374; Expires=Fri, 02-Feb-2024 02:02:54 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706839374.yc.1675303374#1706839374.yrts.1675303374#1706839374.yrtsi.1675303374; Expires=Fri, 02-Feb-2024 02:02:54 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 02:02:54 GMT
last-modified: Thu, 02-Feb-2023 02:02:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/86704299?wmode=7&page-url=http%3A%2F%2Fidoc-pub.programaspc.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1082%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A381477877280%3Ahid%3A295693856%3Az%3A0%3Ai%3A20230202020317%3Aet%3A1675303398%3Ac%3A1%3Arn%3A423234703%3Arqn%3A1%3Au%3A1675303398922442342%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C2%2C156%2C85%2C-5%2C0%2C%2C1495%2C2%2C%2C%2C%2C1874%3Aco%3A0%3Ans%3A1675303395023%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675303398%3At%3ADocuments%20and%20E-books&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119302 Found 407 B URL HTTP/2 mc.yandex.ru/watch/86704299?wmode=7&page-url=http%3A%2F%2Fidoc-pub.programaspc.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1082%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A381477877280%3Ahid%3A295693856%3Az%3A0%3Ai%3A20230202020317%3Aet%3A1675303398%3Ac%3A1%3Arn%3A423234703%3Arqn%3A1%3Au%3A1675303398922442342%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C2%2C156%2C85%2C-5%2C0%2C%2C1495%2C2%2C%2C%2C%2C1874%3Aco%3A0%3Ans%3A1675303395023%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675303398%3At%3ADocuments%20and%20E-books&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash b8b11e3298de80520169643465506cef
4c97a3496cccb57ef6c1eda24de76220aa6f1fb4
39871c9820485475cfb52fa92038a38a4d07d9302d4f3b00ad2085cd64de4eda
GET /watch/86704299?wmode=7&page-url=http%3A%2F%2Fidoc-pub.programaspc.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1082%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A381477877280%3Ahid%3A295693856%3Az%3A0%3Ai%3A20230202020317%3Aet%3A1675303398%3Ac%3A1%3Arn%3A423234703%3Arqn%3A1%3Au%3A1675303398922442342%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C2%2C156%2C85%2C-5%2C0%2C%2C1495%2C2%2C%2C%2C%2C1874%3Aco%3A0%3Ans%3A1675303395023%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675303398%3At%3ADocuments%20and%20E-books&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/86704299/1?wmode=7&page-url=http%3A%2F%2Fidoc-pub.programaspc.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1082%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A381477877280%3Ahid%3A295693856%3Az%3A0%3Ai%3A20230202020317%3Aet%3A1675303398%3Ac%3A1%3Arn%3A423234703%3Arqn%3A1%3Au%3A1675303398922442342%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C2%2C156%2C85%2C-5%2C0%2C%2C1495%2C2%2C%2C%2C%2C1874%3Aco%3A0%3Ans%3A1675303395023%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675303398%3At%3ADocuments%20and%20E-books&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Thu, 02 Feb 2023 02:02:54 GMT
access-control-allow-origin: http://idoc-pub.programaspc.net
set-cookie: yabs-sid=1167652361675303374; Path=/; SameSite=None; Secure
i=AprC9oZqq2VmcVmrmHrI2F84qWFmL/b6721akW5Q2a+YxXxwUBXoh3AA8cRlDp6kN+ENcNAue23GNiQmQQYFd4VyEDY=; Expires=Sun, 30-Jan-2033 02:02:52 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7285162401675303374; Expires=Fri, 02-Feb-2024 02:02:54 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7285162401675303374; Expires=Fri, 02-Feb-2024 02:02:54 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706839374.yc.1675303374#1706839374.yrts.1675303374#1706839374.yrtsi.1675303374; Expires=Fri, 02-Feb-2024 02:02:54 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 02:02:54 GMT
last-modified: Thu, 02-Feb-2023 02:02:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0ffd26a248ef8e44cab403c7d2fff9f5
634348376fe3a43eafe6546f4b49bb10f1982536
5df91504f42a12b470cb51c7b93ee4123dc2ab06252bb01375ead748590f295d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DF91504F42A12B470CB51C7B93EE4123DC2AB06252BB01375EAD748590F295D"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21331
Expires: Thu, 02 Feb 2023 07:58:25 GMT
Date: Thu, 02 Feb 2023 02:02:54 GMT
Connection: keep-alive
outdilateinterrupt.com/sbar.json?key=876b74812be8762e152c61679c29a3f5&uuid=dbb13b07-2e7e-405c-8137-531ada76238d%3A3%3A1
192.243.59.20 200 OK 4.0 kB URL HTTP/1.1 outdilateinterrupt.com/sbar.json?key=876b74812be8762e152c61679c29a3f5&uuid=dbb13b07-2e7e-405c-8137-531ada76238d%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6166), with no line terminators
Hash 0496377dbd7376e3ea53438d6b8ded8b
c9e49cf8ba37e94ec56525764ded33e61d60ca8a
2e1465d0d192cd82a8f5bcf38b1d62e98cae7c476d5af59f9d725ffd4d0770f3
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=876b74812be8762e152c61679c29a3f5&uuid=dbb13b07-2e7e-405c-8137-531ada76238d%3A3%3A1 HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 02:02:54 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://idoc-pub.programaspc.net
Access-Control-Allow-Origin: http://idoc-pub.programaspc.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16710802; expires=Fri, 03 Feb 2023 02:02:53 GMT; secure; SameSite=None
uid_id2=dbb13b07-2e7e-405c-8137-531ada76238d:3:1; expires=Thu, 09 Feb 2023 02:02:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 03 Feb 2023 02:02:54 GMT; secure; SameSite=None
uncs=1; expires=Fri, 03 Feb 2023 02:02:54 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 03 Feb 2023 02:02:54 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 03 Feb 2023 02:02:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 11adde1154961cbd9c1bddf1d5aa7141
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
interstitial-07.com/?l=iSNWy4rID4OXSxD&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D1189397921%26z%3D4724958%26b%3D16336478%26c%3D6497346%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DjYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D1fe45ed7-a597-4fc8-b548-24d544c014ca%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fidoc-pub.programaspc.net%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3DxU928FsZv--vJibZdAnC7ZcAqeZWfe7_Vj1iRtNLMrVd_iKB1CV8dpTIx60DWIwbudU-E0IFjruj5nenV07mSAeF-Bs%3D
139.45.197.155200 OK 4.9 kB URL HTTP/2 interstitial-07.com/?l=iSNWy4rID4OXSxD&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D1189397921%26z%3D4724958%26b%3D16336478%26c%3D6497346%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DjYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D1fe45ed7-a597-4fc8-b548-24d544c014ca%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fidoc-pub.programaspc.net%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3DxU928FsZv--vJibZdAnC7ZcAqeZWfe7_Vj1iRtNLMrVd_iKB1CV8dpTIx60DWIwbudU-E0IFjruj5nenV07mSAeF-Bs%3D
IP 139.45.197.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1589)
Hash 5a7c2a6b7905994f36105aba065cbcf9
3675482b1487a9ee7a73efbd2c243053e1fba9bf
c3e6a5c5d42bbc9e9500299a13b86eda234a6c38a017cd48af4f37d912dbf373
GET /?l=iSNWy4rID4OXSxD&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D1189397921%26z%3D4724958%26b%3D16336478%26c%3D6497346%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DjYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D1fe45ed7-a597-4fc8-b548-24d544c014ca%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fidoc-pub.programaspc.net%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1%26X-Sc%3DxU928FsZv--vJibZdAnC7ZcAqeZWfe7_Vj1iRtNLMrVd_iKB1CV8dpTIx60DWIwbudU-E0IFjruj5nenV07mSAeF-Bs%3D HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=l5ZWAIr5LJfE4NHNM2GpueZlO6KFeG5myzGOdotVKiE; expires=Thu, 02-Feb-2023 03:02:53 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d62d6b1aa5d380b6cdbfae5d3dca5421
f715b643ffd374ace9695098eb3ed3a70de0fde1
04f32494a66d0cd2ed4b1a8078b86edcfca40190fedcf0334d9cd62ca2ca6d19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04F32494A66D0CD2ED4B1A8078B86EDCFCA40190FEDCF0334D9CD62CA2CA6D19"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11152
Expires: Thu, 02 Feb 2023 05:08:46 GMT
Date: Thu, 02 Feb 2023 02:02:54 GMT
Connection: keep-alive
outdilateinterrupt.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuLFnBRBgoiDeIjgTvrH9PRMQgjGGAnGJCSRXLzUr94tt7qrreqe3uwpGJAcxIyePPZ%2Bk2RRg5iLN0V7vciCkPGgi7gH%2FwSDnoLIzA6svkO9r%2Bp7Bd%2F73vtgo9olPiq6c%2Bkts660psfirt85ek3lwtSuc%2BFqJ%2FC7%2FonONZX3eyc6a7PDjo4Hftz1X%2B68IfmqORb6ge8HftA5q6xMzdqxOQtV3B8G3aHf7YXdIO5hzf7%2F7ioPjnoQo13yNJSYPrHy4wMo3iLPvjoj3WppildezypNS2MxEptv56u5qXNk%2BzC1HtJ8c1EN46aEfHoAJt9cdAAzujPrAExNifdLAJZvLmSCje7uKWUaMgcTh1GPWkjdQtEW3NyEEg8JwAUuXESe3btgbE2v77F0xk7Job8fQdVTcuj3Z5BnX57Waq1zxeiqVCZ3WEsbqLUWarlFUW2hXPeg6i3w8n0oQZBnDZTYeUkwFkTMT5ZCmcilnh%2FzpUEQJUtxFFBBk34YDcTcGqVaqLSFlmNQdxCV81ApD1XqoSo8ZGKnQ%2BNh6vtJytIoGvQ451HEeTzoi1hEvUHqo%2BIz7WOUxRhcj8HtDRT2BlbVGLb6Dm6lgRMeXEkwEg1qSVA7gpoS1IqgLgnqUXNXaBe65p7QrmLBIoeLHDUTUy5v0LumXJY52Sh2yVNzw%2F55%2FAlW5U5nkPRZ0hsEIZODpB%2FKIA55P%2BgnQx4OaZTGcKqBcgdAnYd1NSVH%2FniMQk0Juf0rGN2C01vgygOtngetJ0nog65MegMf6%2FnXTpXSCemYNu9VkgrjutxkEKZBUR5Ced3b0LvkyFzR8ZOHIfn2qentd47%2B1d4Gtw0K2%2BBd9QPBsr41uWxqcueyqR15cLEoVabW6Wy8V0payoOfvymv18aKc2fc%2BLNX%2BYyYwftXpSvP01yofNmRL04rIaQ9ayyX5Jtz7ppklyq3crqyeVWcv%2FTa2XNZYaVzyuQtqHroPgRXU%2FLkrY%2Fmi%2FvCixmUbWGrBlm1TRYBZVrw4gZcsa%2FeGQKr92tY4aGumokN2f6jVlMSPnoWWm6f%2Bv7kt5vFc3%2BCsgZO%2FufjPt5wt7BsPdDy5nxlR7bBSDegegxXHZyUhd0%2B9XM0DzDtTZi23h2mrf54z16ndjoyTv1U%2BqFk6ZClCfXFMO0NGR0GMmExDVC6Kf%2FtyE%2F%2FAgAA%2F%2F8BAAD%2F%2F%2FDzuLWUBAAA
192.243.59.20200 OK 7 B URL HTTP/1.1 outdilateinterrupt.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuLFnBRBgoiDeIjgTvrH9PRMQgjGGAnGJCSRXLzUr94tt7qrreqe3uwpGJAcxIyePPZ%2Bk2RRg5iLN0V7vciCkPGgi7gH%2FwSDnoLIzA6svkO9r%2Bp7Bd%2F73vtgo9olPiq6c%2Bkts660psfirt85ek3lwtSuc%2BFqJ%2FC7%2FonONZX3eyc6a7PDjo4Hftz1X%2B68IfmqORb6ge8HftA5q6xMzdqxOQtV3B8G3aHf7YXdIO5hzf7%2F7ioPjnoQo13yNJSYPrHy4wMo3iLPvjoj3WppildezypNS2MxEptv56u5qXNk%2BzC1HtJ8c1EN46aEfHoAJt9cdAAzujPrAExNifdLAJZvLmSCje7uKWUaMgcTh1GPWkjdQtEW3NyEEg8JwAUuXESe3btgbE2v77F0xk7Job8fQdVTcuj3Z5BnX57Waq1zxeiqVCZ3WEsbqLUWarlFUW2hXPeg6i3w8n0oQZBnDZTYeUkwFkTMT5ZCmcilnh%2FzpUEQJUtxFFBBk34YDcTcGqVaqLSFlmNQdxCV81ApD1XqoSo8ZGKnQ%2BNh6vtJytIoGvQ451HEeTzoi1hEvUHqo%2BIz7WOUxRhcj8HtDRT2BlbVGLb6Dm6lgRMeXEkwEg1qSVA7gpoS1IqgLgnqUXNXaBe65p7QrmLBIoeLHDUTUy5v0LumXJY52Sh2yVNzw%2F55%2FAlW5U5nkPRZ0hsEIZODpB%2FKIA55P%2BgnQx4OaZTGcKqBcgdAnYd1NSVH%2FniMQk0Juf0rGN2C01vgygOtngetJ0nog65MegMf6%2FnXTpXSCemYNu9VkgrjutxkEKZBUR5Ced3b0LvkyFzR8ZOHIfn2qentd47%2B1d4Gtw0K2%2BBd9QPBsr41uWxqcueyqR15cLEoVabW6Wy8V0payoOfvymv18aKc2fc%2BLNX%2BYyYwftXpSvP01yofNmRL04rIaQ9ayyX5Jtz7ppklyq3crqyeVWcv%2FTa2XNZYaVzyuQtqHroPgRXU%2FLkrY%2Fmi%2FvCixmUbWGrBlm1TRYBZVrw4gZcsa%2FeGQKr92tY4aGumokN2f6jVlMSPnoWWm6f%2Bv7kt5vFc3%2BCsgZO%2FufjPt5wt7BsPdDy5nxlR7bBSDegegxXHZyUhd0%2B9XM0DzDtTZi23h2mrf54z16ndjoyTv1U%2BqFk6ZClCfXFMO0NGR0GMmExDVC6Kf%2FtyE%2F%2FAgAA%2F%2F8BAAD%2F%2F%2FDzuLWUBAAA
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuLFnBRBgoiDeIjgTvrH9PRMQgjGGAnGJCSRXLzUr94tt7qrreqe3uwpGJAcxIyePPZ%2Bk2RRg5iLN0V7vciCkPGgi7gH%2FwSDnoLIzA6svkO9r%2Bp7Bd%2F73vtgo9olPiq6c%2Bkts660psfirt85ek3lwtSuc%2BFqJ%2FC7%2FonONZX3eyc6a7PDjo4Hftz1X%2B68IfmqORb6ge8HftA5q6xMzdqxOQtV3B8G3aHf7YXdIO5hzf7%2F7ioPjnoQo13yNJSYPrHy4wMo3iLPvjoj3WppildezypNS2MxEptv56u5qXNk%2BzC1HtJ8c1EN46aEfHoAJt9cdAAzujPrAExNifdLAJZvLmSCje7uKWUaMgcTh1GPWkjdQtEW3NyEEg8JwAUuXESe3btgbE2v77F0xk7Job8fQdVTcuj3Z5BnX57Waq1zxeiqVCZ3WEsbqLUWarlFUW2hXPeg6i3w8n0oQZBnDZTYeUkwFkTMT5ZCmcilnh%2FzpUEQJUtxFFBBk34YDcTcGqVaqLSFlmNQdxCV81ApD1XqoSo8ZGKnQ%2BNh6vtJytIoGvQ451HEeTzoi1hEvUHqo%2BIz7WOUxRhcj8HtDRT2BlbVGLb6Dm6lgRMeXEkwEg1qSVA7gpoS1IqgLgnqUXNXaBe65p7QrmLBIoeLHDUTUy5v0LumXJY52Sh2yVNzw%2F55%2FAlW5U5nkPRZ0hsEIZODpB%2FKIA55P%2BgnQx4OaZTGcKqBcgdAnYd1NSVH%2FniMQk0Juf0rGN2C01vgygOtngetJ0nog65MegMf6%2FnXTpXSCemYNu9VkgrjutxkEKZBUR5Ced3b0LvkyFzR8ZOHIfn2qentd47%2B1d4Gtw0K2%2BBd9QPBsr41uWxqcueyqR15cLEoVabW6Wy8V0payoOfvymv18aKc2fc%2BLNX%2BYyYwftXpSvP01yofNmRL04rIaQ9ayyX5Jtz7ppklyq3crqyeVWcv%2FTa2XNZYaVzyuQtqHroPgRXU%2FLkrY%2Fmi%2FvCixmUbWGrBlm1TRYBZVrw4gZcsa%2FeGQKr92tY4aGumokN2f6jVlMSPnoWWm6f%2Bv7kt5vFc3%2BCsgZO%2FufjPt5wt7BsPdDy5nxlR7bBSDegegxXHZyUhd0%2B9XM0DzDtTZi23h2mrf54z16ndjoyTv1U%2BqFk6ZClCfXFMO0NGR0GMmExDVC6Kf%2FtyE%2F%2FAgAA%2F%2F8BAAD%2F%2F%2FDzuLWUBAAA HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Cookie: u_pl=16710802; uid_id2=dbb13b07-2e7e-405c-8137-531ada76238d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 02:02:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 542cec67c2284ebaea00ad983fe21aca
Strict-Transport-Security: max-age=0; includeSubdomains
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 02:02:54 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: d0f9e494553babd8b4e268f41bbb53a1
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e55279b0641fb8435b27a53d5af7d6e8
cd3ac0125fc6e1705f9340d797e76d4cd1045ff4
0e8644ff039742611260e8288f1466bcce8bdfa61b0bc9b6223b75836225dc34
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0E8644FF039742611260E8288F1466BCCE8BDFA61B0BC9B6223B75836225DC34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13645
Expires: Thu, 02 Feb 2023 05:50:19 GMT
Date: Thu, 02 Feb 2023 02:02:54 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e55279b0641fb8435b27a53d5af7d6e8
cd3ac0125fc6e1705f9340d797e76d4cd1045ff4
0e8644ff039742611260e8288f1466bcce8bdfa61b0bc9b6223b75836225dc34
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0E8644FF039742611260E8288F1466BCCE8BDFA61B0BC9B6223B75836225DC34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13645
Expires: Thu, 02 Feb 2023 05:50:19 GMT
Date: Thu, 02 Feb 2023 02:02:54 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e55279b0641fb8435b27a53d5af7d6e8
cd3ac0125fc6e1705f9340d797e76d4cd1045ff4
0e8644ff039742611260e8288f1466bcce8bdfa61b0bc9b6223b75836225dc34
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0E8644FF039742611260E8288F1466BCCE8BDFA61B0BC9B6223B75836225DC34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13645
Expires: Thu, 02 Feb 2023 05:50:19 GMT
Date: Thu, 02 Feb 2023 02:02:54 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106 200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 02 Feb 2023 02:02:54 GMT
Date: Thu, 02 Feb 2023 02:02:54 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e55279b0641fb8435b27a53d5af7d6e8
cd3ac0125fc6e1705f9340d797e76d4cd1045ff4
0e8644ff039742611260e8288f1466bcce8bdfa61b0bc9b6223b75836225dc34
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0E8644FF039742611260E8288F1466BCCE8BDFA61B0BC9B6223B75836225DC34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13645
Expires: Thu, 02 Feb 2023 05:50:19 GMT
Date: Thu, 02 Feb 2023 02:02:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d1ede23ab1ddbc0d7fa930fd3810e49e
879f79b820606c514ae97d5a3c2be12533440a51
7ec120a673fc6ae1a147829269069666ef47b0258b832030906da7dc97ab2a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EC120A673FC6AE1A147829269069666EF47B0258B832030906DA7DC97AB2A14"
Last-Modified: Tue, 31 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3382
Expires: Thu, 02 Feb 2023 02:59:16 GMT
Date: Thu, 02 Feb 2023 02:02:54 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/83/3d/e5/833de546c56c331bebb4de53b31dba05/1669388537.png
45.133.44.9 200 OK 78 kB URL HTTP/2 cdn.cloudimagesb.com/si/83/3d/e5/833de546c56c331bebb4de53b31dba05/1669388537.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash b5363f9084c2365d15b9c8524ef0bad7
61bb4d49ffa7276b01447c15de4f4f9fc3da3c79
7939092319490c3a974f459a094ead8ab72bdc3915af2956c1fba6cf489d732a
GET /si/83/3d/e5/833de546c56c331bebb4de53b31dba05/1669388537.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:54 GMT
content-type: image/png
content-length: 78101
server: nginx/1.17.6
last-modified: Fri, 25 Nov 2022 15:02:26 GMT
etag: "6380d902-13115"
expires: Sat, 04 Feb 2023 02:02:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
172.64.166.9 200 OK 16 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP 172.64.166.9:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f050c5b59c50a8bfe0b8f5ada13bbdba
60bcca26676da182fb6d4828da36cce452d8e627
8e84499c07bb975e9c391b4e65614e1b39b03fb27d65edb37bc5098f02f8796f
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:54 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6783109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXFrdDNUbsJjKliIHqQTDFRpYXCVuJmYzkTPO%2FIHYeefyBHbe6XzkqyeabfxIbj8nHz%2Fg693dQr09xQTMOCyLfRCpD1uXMrTLVlVSXJ8K1qitsv7g2cUnr4AtFlh9Ypqi8EzVFbLLSLM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58eb0b257595-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.67 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 27 Jan 2023 18:19:32 GMT
Expires: Sat, 27 Jan 2024 18:19:32 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
Age: 459802
outdilateinterrupt.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuLFnBRBgoiDeIjgTvrHzHRPQgjGGAnGZEkie%2FFSXVUzW251V1vVPT27p8WA7EHc0ZPH3m92s6hBzMWbor1eZEHIeNBF3IN%2FgkFPQWRmB1bfod5X9b2C733vfbBVHBIXBT1YfEuvSaXouXbTbZxdkinXpW3cuNPw3KZ7obEk007rQmM4PczgvOe2m%2B7LjTcEW9HnfNdzXc%2F1GlelET09PDdjIbP7Xa%2FZdZstv%2Bm1Wxia%2F99t4cBSB3xwSJ6G5JMnln98AMlqpMlXV4RdyXX2yutJoWiuDQZ89%2B10JdVliuQY9oyDXro7r4a2E0I%2BPQGd7s47gB5sTztALCfE%2BcVDnO7OZSIe7BwpjRVEipifRjmoIVQNSWswfReSPyQA47hxE2ly74Y2JV09YumUnZBTfz%2BCLCfk1O%2FPIE2%2BvKzksHFbqyKXOrUY9irIYQ3Zr5EVe8jXHMhyDyx%2FH5ITpEkFyQ9e4nHsBbEbLvgiFAstt80WIi8IF9qBRzkNO34Q8Zk1UtaQvRpKjEDtSRTWQSEdFD0HReYg4QcN2u72XDfsxb0giFqMsSBgrB11eJsHrajnomBT7SPk2QhMjcDMOjKzjhU5gim%2Bg12uYLkDmxMMeIVSEJSWoKQEpSQoc4JyUO1wZX1b3ePKFrE3z%2F48B9VY5%2F0tuqPzvkjJVnZInpoZ9s%2FjT7AiDhpR2InDVuT5sYjCji%2B8ts86XifsMr9Lg14bVlaQ9gSodbAmJ%2BTMH4%2BRyQkhm78ipnuwag9MOqDF86DlOPRd0OVxK3Kxln5tZS4sFzZW%2Br1CUK5tk%2BkEXFfI8lPIV50tdUjOzBSdv3gagu1fmmy%2Bc%2FavehPMVMhMhXflDwR9tTG%2BpUuyfUuXljy4meUykWt0Ot7bOc3Fyc%2FfFKulNvzaFTv67FU2Jabw%2Fh1h8%2Bs05TLtW%2FLFZcm5MFe1YYJ8c80uiXixsMuXC5MW2fXF165eSzIjrJU6rUHlQ%2FshmJyQJzc%2Bmi3uCy8mkKaGKSokxT6ZB6SuwbJ12OxYvdUERh3XxJmDsqjGxo%2BPH5WcEP%2FRs1Bi%2F9L3F7%2FdzZ77EzSuYMV%2FPh7jLbuBvnFA87uzlR2YCgNVgaoRbHFynGdm%2F9LPwSwQK2ccK%2BNsx8qoj4%2FstfKg0fZaIoqjkHEeC8a90A%2BiwHV9zlthV3hd5HbCfjvz078AAAD%2F%2FwEAAP%2F%2F5Ps2U5QEAAA%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 outdilateinterrupt.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuLFnBRBgoiDeIjgTvrHzHRPQgjGGAnGZEkie%2FFSXVUzW251V1vVPT27p8WA7EHc0ZPH3m92s6hBzMWbor1eZEHIeNBF3IN%2FgkFPQWRmB1bfod5X9b2C733vfbBVHBIXBT1YfEuvSaXouXbTbZxdkinXpW3cuNPw3KZ7obEk007rQmM4PczgvOe2m%2B7LjTcEW9HnfNdzXc%2F1GlelET09PDdjIbP7Xa%2FZdZstv%2Bm1Wxia%2F99t4cBSB3xwSJ6G5JMnln98AMlqpMlXV4RdyXX2yutJoWiuDQZ89%2B10JdVliuQY9oyDXro7r4a2E0I%2BPQGd7s47gB5sTztALCfE%2BcVDnO7OZSIe7BwpjRVEipifRjmoIVQNSWswfReSPyQA47hxE2ly74Y2JV09YumUnZBTfz%2BCLCfk1O%2FPIE2%2BvKzksHFbqyKXOrUY9irIYQ3Zr5EVe8jXHMhyDyx%2FH5ITpEkFyQ9e4nHsBbEbLvgiFAstt80WIi8IF9qBRzkNO34Q8Zk1UtaQvRpKjEDtSRTWQSEdFD0HReYg4QcN2u72XDfsxb0giFqMsSBgrB11eJsHrajnomBT7SPk2QhMjcDMOjKzjhU5gim%2Bg12uYLkDmxMMeIVSEJSWoKQEpSQoc4JyUO1wZX1b3ePKFrE3z%2F48B9VY5%2F0tuqPzvkjJVnZInpoZ9s%2FjT7AiDhpR2InDVuT5sYjCji%2B8ts86XifsMr9Lg14bVlaQ9gSodbAmJ%2BTMH4%2BRyQkhm78ipnuwag9MOqDF86DlOPRd0OVxK3Kxln5tZS4sFzZW%2Br1CUK5tk%2BkEXFfI8lPIV50tdUjOzBSdv3gagu1fmmy%2Bc%2FavehPMVMhMhXflDwR9tTG%2BpUuyfUuXljy4meUykWt0Ot7bOc3Fyc%2FfFKulNvzaFTv67FU2Jabw%2Fh1h8%2Bs05TLtW%2FLFZcm5MFe1YYJ8c80uiXixsMuXC5MW2fXF165eSzIjrJU6rUHlQ%2FshmJyQJzc%2Bmi3uCy8mkKaGKSokxT6ZB6SuwbJ12OxYvdUERh3XxJmDsqjGxo%2BPH5WcEP%2FRs1Bi%2F9L3F7%2FdzZ77EzSuYMV%2FPh7jLbuBvnFA87uzlR2YCgNVgaoRbHFynGdm%2F9LPwSwQK2ccK%2BNsx8qoj4%2FstfKg0fZaIoqjkHEeC8a90A%2BiwHV9zlthV3hd5HbCfjvz078AAAD%2F%2FwEAAP%2F%2F5Ps2U5QEAAA%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTuLFnBRBgoiDeIjgTvrHzHRPQgjGGAnGZEkie%2FFSXVUzW251V1vVPT27p8WA7EHc0ZPH3m92s6hBzMWbor1eZEHIeNBF3IN%2FgkFPQWRmB1bfod5X9b2C733vfbBVHBIXBT1YfEuvSaXouXbTbZxdkinXpW3cuNPw3KZ7obEk007rQmM4PczgvOe2m%2B7LjTcEW9HnfNdzXc%2F1GlelET09PDdjIbP7Xa%2FZdZstv%2Bm1Wxia%2F99t4cBSB3xwSJ6G5JMnln98AMlqpMlXV4RdyXX2yutJoWiuDQZ89%2B10JdVliuQY9oyDXro7r4a2E0I%2BPQGd7s47gB5sTztALCfE%2BcVDnO7OZSIe7BwpjRVEipifRjmoIVQNSWswfReSPyQA47hxE2ly74Y2JV09YumUnZBTfz%2BCLCfk1O%2FPIE2%2BvKzksHFbqyKXOrUY9irIYQ3Zr5EVe8jXHMhyDyx%2FH5ITpEkFyQ9e4nHsBbEbLvgiFAstt80WIi8IF9qBRzkNO34Q8Zk1UtaQvRpKjEDtSRTWQSEdFD0HReYg4QcN2u72XDfsxb0giFqMsSBgrB11eJsHrajnomBT7SPk2QhMjcDMOjKzjhU5gim%2Bg12uYLkDmxMMeIVSEJSWoKQEpSQoc4JyUO1wZX1b3ePKFrE3z%2F48B9VY5%2F0tuqPzvkjJVnZInpoZ9s%2FjT7AiDhpR2InDVuT5sYjCji%2B8ts86XifsMr9Lg14bVlaQ9gSodbAmJ%2BTMH4%2BRyQkhm78ipnuwag9MOqDF86DlOPRd0OVxK3Kxln5tZS4sFzZW%2Br1CUK5tk%2BkEXFfI8lPIV50tdUjOzBSdv3gagu1fmmy%2Bc%2FavehPMVMhMhXflDwR9tTG%2BpUuyfUuXljy4meUykWt0Ot7bOc3Fyc%2FfFKulNvzaFTv67FU2Jabw%2Fh1h8%2Bs05TLtW%2FLFZcm5MFe1YYJ8c80uiXixsMuXC5MW2fXF165eSzIjrJU6rUHlQ%2FshmJyQJzc%2Bmi3uCy8mkKaGKSokxT6ZB6SuwbJ12OxYvdUERh3XxJmDsqjGxo%2BPH5WcEP%2FRs1Bi%2F9L3F7%2FdzZ77EzSuYMV%2FPh7jLbuBvnFA87uzlR2YCgNVgaoRbHFynGdm%2F9LPwSwQK2ccK%2BNsx8qoj4%2FstfKg0fZaIoqjkHEeC8a90A%2BiwHV9zlthV3hd5HbCfjvz078AAAD%2F%2FwEAAP%2F%2F5Ps2U5QEAAA%3D HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Cookie: u_pl=16710802; uid_id2=dbb13b07-2e7e-405c-8137-531ada76238d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 02:02:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9c5f55367f40bd79546658a9a1fcc6c9
Strict-Transport-Security: max-age=0; includeSubdomains
outdilateinterrupt.com/pixel/sbs?c=1
192.243.59.20 200 OK 0 B URL HTTP/1.1 outdilateinterrupt.com/pixel/sbs?c=1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Cookie: u_pl=16710802; uid_id2=dbb13b07-2e7e-405c-8137-531ada76238d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 02:02:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
rndskittytor.com/500/4837723?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238 200 OK 0 B URL HTTP/1.1 rndskittytor.com/500/4837723?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/4837723?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:58 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, OPTIONS
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://idoc-pub.programaspc.net
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
rndskittytor.com/500/4837723?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238 200 OK 980 B URL HTTP/1.1 rndskittytor.com/500/4837723?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1200), with no line terminators
Hash 6c3e143b4e112a6bd56b3ea9f840a988
63ec12dd7aaffba218f6bebf41cf944638d1c72c
c64884c51c812627950acfa66701b3ea4ed3d80d128506c281c7c27217bfbb65
Analyzer Verdict Alert quad9 Sinkholed
GET /500/4837723?excludes=&oaid=276e693cc19f4e0a96aa064e94c50176&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 02:02:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 053b1f9ef9566df34b9154ee9288e22d
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Vary: Origin
Access-Control-Allow-Origin: http://idoc-pub.programaspc.net
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=276e693cc19f4e0a96aa064e94c50176; expires=Fri, 02 Feb 2024 02:02:58 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
benumelan.com/11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.239204 No Content 0 B URL HTTP/2 benumelan.com/11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sc
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 02:02:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
benumelan.com/11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.239200 OK 0 B URL HTTP/2 benumelan.com/11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=891253708&z=4724958&b=16336478&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=jYn49ugB4ds6enjUxwHJcUUSXbJtAqhrLXY8nzjTDlh7cXEQ_Q0BdSNzSVBCQEXeMU_RpwBwMkhkhkVhFZJyXXCumQd_hx4ifikKVa_Yqs3uUZ2ijQjgh26qSFZ-Z921IqoCS5ueiQR4SRCPHgl5r96FOKEVxHI04afmId-YFn7nmlMudD6AQCOzUAIUU4qRF3yr4dqdBI_liK_v_QoIKje0PYlWRY8yJzuAySl6LeSggxtOxXm5v9xCtniLycE1kiUwveI1XD_sFDuK2tiE41nbP6Snpw5fzMA4yT_sCjbwTFrRfAu6snXkAV6CMEtWExT6UxzoWRa27mIqcCVsjnwD-LahtL4ld3i3dc796MNfY2-NvLCPqWt5gPX_pxHrXH0AsM_8RKkdUggLzDt3YNqVKOtekOBlzzeUXdF9kM4UbtykyMh47HF5FtvkCpuAT7_eS_Q0OhreC71btHD3tt6d5LbmxWYxr7Ui2IGYF5QVCtU_Zm1PyCurKBSGbUy7QWnNBbC6Kp0MAcP-s72xUE9F6KoVZGclBGx9gqf_tR0KgAvYtRJPeqI1qqNKW3EkeZT2JYvbugv0wLTa73q2Zqqm2PazE4gfHqJxpbyrrMfz2rJqlu54JQyniEkGSL72Oqc1eHG2Gc5wo9HQqxz-wg==&ruid=1fe45ed7-a597-4fc8-b548-24d544c014ca&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fidoc-pub.programaspc.net%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Sc: xU928FsZv--vJibZdAnC7ZcAqeZWfe7_Vj1iRtNLMrVd_iKB1CV8dpTIx60DWIwbudU-E0IFjruj5nenV07mSAeF-Bs=
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Cookie: scm=1; OAID=276e693cc19f4e0a96aa064e94c50176; oaidts=1675303373
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:58 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 8dba3377462a465e5837d1f0416aa52b
access-control-expose-headers: X-Sc
x-sc:
set-cookie: OAID=276e693cc19f4e0a96aa064e94c50176; expires=Fri, 02 Feb 2024 02:02:58 GMT; secure; SameSite=None
oaidts=1675303373; expires=Fri, 02 Feb 2024 02:02:58 GMT; secure; SameSite=None
oaidvc=1; expires=Fri, 02 Feb 2024 02:02:58 GMT; secure; SameSite=None
CNT=1_v1_Xkb5AAEAAAC-SwAA; expires=Thu, 02 Feb 2023 03:02:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/static/javascripts/bootbox.all.min.js
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/static/javascripts/bootbox.all.min.js
IP 104.21.73.21:0
GET /static/javascripts/bootbox.all.min.js HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: text/javascript;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=j0hjv6q5a3hqvbsqu3na47hjpd; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXvKSzDoeXqUbVKH8HxQT2NB2%2F%2FMV0gvh0NFJDgXGe6q%2BYk62BQxgblW49DqeVR9fhLzup2ZpKKy%2Bzcihm5ov74o13zC9oNeiinjJuMiVRSUsgHvRWr8yHJaZvNnUQhDm0UZF7f0uH1TvAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a7b0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/d47e6qye6mn2.jpg
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/d47e6qye6mn2.jpg
IP 104.21.73.21:0
GET /img/crop/300x300/d47e6qye6mn2.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=tlvjhrv66jmjt0ksbc2eqld3oq; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ceq2SIhF0mEbUQsVEH32t%2FJyUDtfjEaeetemuP7v661r%2FcjK1XV9HlcscxQiL%2BCXDRNcTD%2F8LDPSLPUoohoUXOMZiUVoC05xltyeklnvwmJridIqvRHqwzfhX2M7pKODTxb20o56Q5w%2FQ3U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a880b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/vlr076qrejlz.jpg
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/vlr076qrejlz.jpg
IP 104.21.73.21:0
GET /img/crop/300x300/vlr076qrejlz.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=qp028ejo5gido7nr74k31nc8os; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndi4kmz4%2BKVd9LQEZVstD3OPBv%2BGJe51UxLwgqDK5ZqLascso1%2BBOqypqXVOXHQ5eJln%2FcKM1aX%2FUEL14Q7gCFBuPV0rweo92y%2BLVS6oelYXj4swSa%2FUVt%2Ff5im0s801805syx8qSPdZ2II%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a8c0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/static/styles/main.css
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/static/styles/main.css
IP 104.21.73.21:0
GET /static/styles/main.css HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=opgr7dripscne7j9lo3bncbj2a; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHBBY8h131%2Bc%2BX6Ft8vLB4fVM8oxNhIld0aurWUJeNy6rWufhO5u80KgXH6IHbRBgAi3ESPK9JS5bFNlfIBcbBgwR82ybq7XYZG3ndy35HNhFmLLLaKnW9paLOI5CVGgorBV2nhCFGJ7inE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d82a990b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/pnxk8pyqyx4v.jpg
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/pnxk8pyqyx4v.jpg
IP 104.21.73.21:0
GET /img/crop/300x300/pnxk8pyqyx4v.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=kgfk9i26odkhqsrrb1ccf7f9si; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtoY1UgwzvzbZFkejO%2FGNol4A8AV%2B7hEUSb5YcRYzRrxeAoDq%2Fur6QUOy%2Fz9gUtvMXcdgrLir0rwoNDqS%2FWzuOEt%2BKD3K5DaGRhclUqgiv9kwBypXSvV0IlU1pMsIzebSiOXNLJSrePjf50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d81a930b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.89.122 200 OK 0 B IP 104.21.89.122:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:53 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1702
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBHVX9NIgPloMJQR4rBz1wO794%2BbfzAMI5B%2F0kZtMvruaEnTpdE9W3IUHOo%2FEzf44sW4TzY6IUd4HIZQijYjj22KNqR96n9p1V%2FRl6hCe4SfUSZ0qGAeF%2FXILLC6TA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58e14f49b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/static/javascripts/filepond.js
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/static/javascripts/filepond.js
IP 104.21.73.21:0
GET /static/javascripts/filepond.js HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: text/javascript;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=7c3anfcfkvq8hnktes5cd5pvc4; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXmOKxcfvz0fVOs4odUUKUra54T0di95MDRCQEwDjxtB8uSS1d7R8ZrLpZfmU%2B1GeuNBSwI5blMh%2FJ2ujDErdEFArU4S6eu0zSIztyPjFRvvqT0rD8T8bnyQCjSLMu%2FqZY0MAfW9glPU7Go%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a7c0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/pnx1wx86delv.jpg
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/pnx1wx86delv.jpg
IP 104.21.73.21:0
GET /img/crop/300x300/pnx1wx86delv.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=ipavd5stfiac1fakudhisajp5e; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HODmChpeffCQMcVWTsND%2BD8lxAr9yaNbzRk83a1ogghvzVnrm4rjkhJDoBlBj2NV4Tc5r6uwikTYDo9SQ0ZGuXGr%2FPlnOCGxeMwDSC3N8GHBZxkBtoPFkjHf5g%2BgngFNe9bU0RZsaj88%2F00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a800b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/d477ere6oy42.jpg
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/d477ere6oy42.jpg
IP 104.21.73.21:0
GET /img/crop/300x300/d477ere6oy42.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
PHPSESSID=l9cvcsjeuudg10g4kvqhq71p09; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viruLvWui2tmOPYyN6NiphVI494frUd18iAlA7faNIySWWpFjdV3Piy%2BM83nclDqAo%2FOJK3dqaXd6OWMmMpmuaBBwIaQQbmq%2BRWkVsM7poKdcNLJ8ETSO5309GYCGAVV5lxY2Zm6BmXeFgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d81a920b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/static/styles/filepond.css
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/static/styles/filepond.css
IP 104.21.73.21:0
GET /static/styles/filepond.css HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
set-cookie: PHPSESSID=q5gq5h8mbpohv9p3jipmqu659m; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVOVDiJSMzMyqczkF3JjU7ZtSL94M2CoVoLTNPonN2O4WPnzHRno3lH8aVawimJ%2FbaHqLZxZc%2BWMarlLd1hk9y2W1PLzqHKr8d%2BkSVCGtUKgtfob8R6nG8GaoA1qb214yNkmN8PQ0hLNR2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d82a980b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/static/images/-3.jpg
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/static/images/-3.jpg
IP 104.21.73.21:0
GET /static/images/-3.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
set-cookie: PHPSESSID=8crgngc0gs5jf9euuhtpbc2a8t; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKJUf1AhbNBPsEfcTJsLjA0EsoM9vrGyJjI41CmECn%2B0gDz37vpwvxsmYOeJ%2BRZR%2BmuJfljGuAXPv146OajT5SIbDsMywZOy2qxEvg7ZfIlenJIh7ngQhgYhgqc2ec39%2FEUXC8spV3iJJec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a840b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/9n0k2kvw7p4v.jpg
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/9n0k2kvw7p4v.jpg
IP 104.21.73.21:0
GET /img/crop/300x300/9n0k2kvw7p4v.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
set-cookie: PHPSESSID=hpv2uepohuagvr6u426e485spj; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FT0GKfsOg1L4R1%2Ft2NHwtypuTx%2FxfvgYK5DtOn6E4Uooscn%2FrkkMJduZ8tBdBDcxD6VQiTzDqqaKkyl4c646K1t%2BOgYIQFSUdQiQOmAqVwT6%2F4yDEdC7Yp%2Bka5Z370NORXPeCyLuRLnPD7w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a7e0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/static/javascripts/bootstrap.min.js
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/static/javascripts/bootstrap.min.js
IP 104.21.73.21:0
GET /static/javascripts/bootstrap.min.js HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: text/javascript;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
set-cookie: PHPSESSID=hnhsftgf5dh6ucdqjq05mgqlat; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkOihoRxDdGhIdoANMrwAaRtA2fMP8X5vbIPo348i%2F8WnWdQYlBZo2Py9O4e676bjM7P1Ey0sjabDUdtJICcLY8Nkq9XCLugVVzFOA6%2B6Lxzj3GDDMnjt4KPvMwVrzgjIqxcTq7EjA9cIKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a7a0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:54 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5zTLfCW8trNaU87SXa0v56I5mm%2FwpqkgG6DM2%2Bg7W6nPL8kEBiKiRdPjaAkWzqWlvgA930aG1aIV9HVw%2Bd1CuxIB9HfX2F0r4bxyW818nR6vBVHD%2B%2FpGc9qOKzuwDYXZYjC6wJOaN1b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58eaaed6774a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.8.1/css/all.css
172.64.132.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.8.1/css/all.css
IP 172.64.132.15:0
GET /releases/v5.8.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: text/css
x-amz-id-2: Y1FGTb9CPtbhHqC7oz4jI70tefwz59kfoj6WUFBZAIxOGTv8d/HnQJwoi7FCMLa4aO814wyA7yc=
x-amz-request-id: SNGR0HSB94607B24
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrxvvwz2d5gN810oApH2AKTIoL2PDwRld18grPZz%2BuK84Q%2B%2B2x7133ee6%2B4pT%2FhPyhf6J2wcP3xD2gCJmlb%2Fe1UZpspDtPLXllexo%2F2Nmmd6WL2ZeMLmTAIwMcpaOxujekzgLc8b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f58d86c637708-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/ylyxmpv57znm.jpg
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/ylyxmpv57znm.jpg
IP 104.21.73.21:0
GET /img/crop/300x300/ylyxmpv57znm.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
set-cookie: PHPSESSID=7t182ok6bmi2skhqht29to6959; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgO8N7K3eyQ5gINufG70MxPYCq5J9M6Ot3ZumAlFvdvbs9nypvPlrzvMFEieiqlTeQa6N3jir9l5tMLumBVg0DPAss%2FN2kQiL3gpRG5IHmptg1lmixx%2Bu8Sy4dhnro78WrZztw%2FFr%2BERq4I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a7f0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/6nge8d7rvjlv.jpg
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/6nge8d7rvjlv.jpg
IP 104.21.73.21:0
GET /img/crop/300x300/6nge8d7rvjlv.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
set-cookie: PHPSESSID=et15qrb79eifao2l02nu0814ps; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf5jSWthFu2RoMqzKZ9H2s6djxO5ImzzD75GaIVtTLgsfDb9OGeEzTJGxuorHEGoYzWEorFNmJfJ%2Fi4GQS93AdPizuzTjnKL5gQwvcrpdxy8Ny8ahBoF7PWBHG%2B7xl1OGtqcy9WuuOJ5vs8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a860b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/static/styles/bootstrap-litera.min.css
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/static/styles/bootstrap-litera.min.css
IP 104.21.73.21:0
GET /static/styles/bootstrap-litera.min.css HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
set-cookie: PHPSESSID=8f4q5k4vb0qndom0s7ldgdcdr9; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smFEw2K5rSs6edeQBmQAk6yy9%2BmSsYGtw7sw3Bx2MGlhth6T%2F7uoFcbzR%2B7IebEgnrdyCKpgLtdQ19E2lZY1spNhpJPg4Eyw3AxHeEmPVi19xJ9Sn1MRjvbtKTR9cFJjr9pEBnAR2UVjaIs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a770b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/
IP 104.21.73.21:0
NIDS | Severity | Alert
suricata | low | ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata | low | ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
suricata | low | ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
GET / HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://idoc-pub.programaspc.net/
Connection: keep-alive
Cookie: PHPSESSID=70vu023011ojskk682rf6gqn3p
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: text/html;charset=UTF-8
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHcfBnmESJgNeexWJ54KLv6vVr%2By%2BwpKpkOqthq3Cd7oGnNtmzbGgRIJRI7hJBRGvUlMmQ0sYlaPhxR%2B74w8NWwGMXCFtxarWp2Jbh8Y943pC4wxqBTWuggxSXoEklABWsago10wZAzgPg0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792f58d8baca0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
glimtors.net/pfe/current/universal.min.js?v=3.1.415
139.45.197.251 200 OK 0 B URL HTTP/2 glimtors.net/pfe/current/universal.min.js?v=3.1.415
IP 139.45.197.251:0
GET /pfe/current/universal.min.js?v=3.1.415 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://idoc-pub.programaspc.net/
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 02:02:52 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-18c6c"
access-control-allow-origin: http://idoc-pub.programaspc.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/static/images/app-store-badge.svg
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/static/images/app-store-badge.svg
IP 104.21.73.21:0
GET /static/images/app-store-badge.svg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: image/svg+xml
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
set-cookie: PHPSESSID=neudq0kcqc73f6stf54c2atot1; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Clllp%2FxKY11lE2fERZqnS8Xe0IlSOQipof9JGyIxKS2V2xgFcGV4H7kNocLAUG1SaAbkj4%2F3Lg%2FyRq1ExfTSzL9B3%2FF%2FfCoXEArImi6OBgtFvly9aVoHcTk6m%2B%2F4s%2FOIZAfaFKLi7gwoT%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a900b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
idoc-pub.programaspc.net/img/crop/300x300/2nv82o781dlk.jpg
104.21.73.21 200 OK 0 B URL HTTP/2 idoc-pub.programaspc.net/img/crop/300x300/2nv82o781dlk.jpg
IP 104.21.73.21:0
GET /img/crop/300x300/2nv82o781dlk.jpg HTTP/1.1
Host: idoc-pub.programaspc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:51 GMT
content-type: image/jpeg
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Fri, 03-Feb-2023 02:02:51 GMT; Max-Age=86400
set-cookie: PHPSESSID=fmoo0i6gsmfl9udvjmcha6oida; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlCqRkT%2BPitEmI9O0Y7UDGiQDPIlRX%2F39O9urkNbhf7c%2BsKyRt7BQi%2B9kpfwjJk09ccdltjFB5NgxVEhlPGYPHd3E9vRvmZJOwtrTcqjaiEAtzDJpmXjHHem4IF706FPB3InJutYNV%2BjgYM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58d80a850b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.4 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer | Verdict | Alert
fortinet Phishing
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:54 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 02 Feb 2023 03:02:54 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://idoc-pub.programaspc.net
Connection: keep-alive
Referer: http://idoc-pub.programaspc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 02:02:54 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vjppsJ19pk3MdQ8MoKhVu5UUjjcLPjcyr%2Bo%2FLlSqWoG1uAWFMm7tccMcQj4Vw3nVUoIxb3WnGBwF3wT%2FCM0Chyv2p9NjteXRqc1TeZWKts64BnurxpvOagJRb%2BLUNx%2FakepI88M%2B4q%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792f58eaaecd774a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2