r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b720c31d9c036cd2ef10e35fa29f5345
ac625d2e69284e5080bede4b37c31af62c26338b
323b76eceb5d3ad339a1c55bfa7eea4e39741258e08d5005b691f712a9e9c81c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "323B76ECEB5D3AD339A1C55BFA7EEA4E39741258E08D5005B691F712A9E9C81C"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4812
Expires: Sun, 06 Nov 2022 08:12:42 GMT
Date: Sun, 06 Nov 2022 06:52:30 GMT
Connection: keep-alive
myviid.com/rw1f7bimo6pt.html
200 OK 20 kB URL HTTP/1.1 myviid.com/rw1f7bimo6pt.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (59451)
Hash c5aa143032e09d9a42f54a09dac6d831
1386c603f1584d3dce096c23efb0f59a9c42aec2
4f551987962954f4d8383edf348dc2bad2cfdee82b99b6762b303206da0bae32
GET /rw1f7bimo6pt.html HTTP/1.1
Host: myviid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 06:52:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 05 Nov 2022 06:52:30 GMT
Set-Cookie: lang=1; domain=.myviid.com; path=/; HttpOnly
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63enihl4wMxF12lXt7rYOsx%2FsLh3Jy%2FEEiIJ9ZkLZjehE2gjwhZdDfx5t7dAyLtd5RLkZQ0kN3EEdYYHi8J8aR4aVbAzNENQ8t7t9ttWrXjfQsN5gbTMkUhLCNqw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 765be8246837b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 471 B IP
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1551
Cache-Control: max-age=97464
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 06:52:31 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 09:56:55 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 078950c3ba9ad01927f3da494b1d1de4
443c8a8247e4e3e04c14d21e0227fc4e8f396142
dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4767
Expires: Sun, 06 Nov 2022 08:11:58 GMT
Date: Sun, 06 Nov 2022 06:52:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: umD/9p5crMHdE8+X/PZumR3FcUB3bXxPdcLNtTUcd7BluQhyUG2EwTLJ5s4ta1MkfVbdxmq95f4=
x-amz-request-id: 3TMPTYXHKY5ZMK1S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 06:10:20 GMT
age: 2531
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 06:52:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
myviid.com/js/modernizr.custom.04022.js
200 OK 3.1 kB URL HTTP/1.1 myviid.com/js/modernizr.custom.04022.js
IP
File type HTML document, ASCII text, with very long lines (6808)
Hash f404d47735b8e5059a1ed116644d1b21
735fe86d45794a4f15ebe12062f872db13031ade
511fb46623c49666edd74b143b07c207dfe2d76abfa192679d7bab558a9d3d25
GET /js/modernizr.custom.04022.js HTTP/1.1
Host: myviid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myviid.com/rw1f7bimo6pt.html
Cookie: lang=1
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Feb 2015 18:26:28 GMT
ETag: W/"54cfc154-1b0d"
Expires: Thu, 10 Nov 2022 14:06:41 GMT
Cache-Control: max-age=604800
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 233150
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Y8dcPoCUAdchvFiTuLv6CooQX7wV1tz4H3vfgOmXKshuNRGGC%2Fggm3hhNXT0TP0iUkRnbacfZq3EGwzy5byHXyYwUkvptEH7sTQOBYHhRHc3bB3MrGuWhgNJR%2BY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765be82699fbb500-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 45566439701732e49ab911109ef66d16
7783af21ccca4456a6334ac9ef2e3ff22c3ce100
4171459340ae89677b9c574bd98e63236cc81558634a58afa38993852e0e0fcc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4171459340AE89677B9C574BD98E63236CC81558634A58AFA38993852E0E0FCC"
Last-Modified: Thu, 03 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18736
Expires: Sun, 06 Nov 2022 12:04:47 GMT
Date: Sun, 06 Nov 2022 06:52:31 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 45566439701732e49ab911109ef66d16
7783af21ccca4456a6334ac9ef2e3ff22c3ce100
4171459340ae89677b9c574bd98e63236cc81558634a58afa38993852e0e0fcc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4171459340AE89677B9C574BD98E63236CC81558634A58AFA38993852E0E0FCC"
Last-Modified: Thu, 03 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18714
Expires: Sun, 06 Nov 2022 12:04:25 GMT
Date: Sun, 06 Nov 2022 06:52:31 GMT
Connection: keep-alive
aubergearise.com/rweNkk6G8335Mmz/53608
200 OK 25 B URL HTTP/1.1 aubergearise.com/rweNkk6G8335Mmz/53608
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /rweNkk6G8335Mmz/53608 HTTP/1.1
Host: aubergearise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myviid.com/
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://myviid.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 07-Nov-2022 06:52:31 GMT; Max-Age=86400; path=/
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 07-Nov-2022 06:52:31 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EY8G8yvfJn%2FwSVPLccRUpsYI1suOT2KTxvY7BrYblXdKChsyXou8dcKjdRfsPecY8B%2BxcnUhm%2FMg1wKJMTMPQEwrd2juy3CIcavlY%2BsdohUL%2BZ2lWsczz7bx%2FDWLUotgWHMs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 765be826cce2fac4-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 45566439701732e49ab911109ef66d16
7783af21ccca4456a6334ac9ef2e3ff22c3ce100
4171459340ae89677b9c574bd98e63236cc81558634a58afa38993852e0e0fcc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4171459340AE89677B9C574BD98E63236CC81558634A58AFA38993852E0E0FCC"
Last-Modified: Thu, 03 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18736
Expires: Sun, 06 Nov 2022 12:04:47 GMT
Date: Sun, 06 Nov 2022 06:52:31 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 45566439701732e49ab911109ef66d16
7783af21ccca4456a6334ac9ef2e3ff22c3ce100
4171459340ae89677b9c574bd98e63236cc81558634a58afa38993852e0e0fcc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4171459340AE89677B9C574BD98E63236CC81558634A58AFA38993852E0E0FCC"
Last-Modified: Thu, 03 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18851
Expires: Sun, 06 Nov 2022 12:06:42 GMT
Date: Sun, 06 Nov 2022 06:52:31 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash efaefdbe694381110b87d95d7b19754c
8d47cf8675e1cb27db542491b1f2642a86eb0d18
30dfc85a584724b02659fb115a38378442916d6cbe496c5949fb7e0bb4b7b98d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "30DFC85A584724B02659FB115A38378442916D6CBE496C5949FB7E0BB4B7B98D"
Last-Modified: Thu, 03 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18945
Expires: Sun, 06 Nov 2022 12:08:16 GMT
Date: Sun, 06 Nov 2022 06:52:31 GMT
Connection: keep-alive
myviid.com/images/logo.png
200 OK 2.4 kB URL HTTP/1.1 myviid.com/images/logo.png
IP
File type PNG image data, 161 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 96880fc5e953e9370539156da9896f77
dc5591c465cf83f17274bc5ca17bf167a1e17feb
74ffe48e0f61e34bce1e73707436a3a488e40893bca7a8bb1cba81d274694313
GET /images/logo.png HTTP/1.1
Host: myviid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myviid.com/rw1f7bimo6pt.html
Cookie: lang=1
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: image/png
Content-Length: 2429
Connection: keep-alive
Last-Modified: Mon, 02 Feb 2015 18:26:26 GMT
ETag: "54cfc152-97d"
Expires: Mon, 07 Nov 2022 17:48:27 GMT
Cache-Control: max-age=604800
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 479044
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3KWw45sD%2BwvrN7x%2FlyHjZXI5NU73NbCYohVpMTqjzn18p3U07Z%2FqxIyhR1Bv%2FJxjKRwEKjI5%2F5S4%2BPK7JVab5osf7AZcawU%2Fm9Np6dERN0vXSqBk2rIUMiQhaaQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765be827c975b511-OSL
alt-svc: h2=":443"; ma=60
w.myviid.com/js/jquery.min.js
200 OK 32 kB URL HTTP/2 w.myviid.com/js/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 72706cb13887cf8d3141be383efae100
525853de723e3d7353075bdc92522edafa84d965
f3efb90c5c711669b0568552452c78f75c168878e1579e1f6d8a571a5aa722d0
GET /js/jquery.min.js HTTP/1.1
Host: w.myviid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myviid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 06:52:31 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 05 May 2020 04:02:38 GMT
etag: W/"5eb0e55e-15d84"
expires: Tue, 08 Nov 2022 09:39:42 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 421969
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bsBQOMAO43EJE8BQVreiKnpiKC6G%2BLJkB2XRlKdzN0CK%2FUtRUGQ%2BCC1l%2FIve1f8joDRzVTt6SoMG%2Frl%2FrMig8TxayN1%2FCpIUPei35ZxVP2I78z0gTqGKi7HnO4j3GA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765be8273afab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
thaudray.com/5/4617457/?oo=1&aab=1
200 OK 1.4 kB URL HTTP/1.1 thaudray.com/5/4617457/?oo=1&aab=1
IP
File type JSON data\012- , ASCII text, with very long lines (2777), with no line terminators
Hash 7e461b03fc8f4c75e8b2188d7a2387c1
39f0519588afccf5995ee0b647589bd876b0512d
6ce03b252f836a4cb2db5c75af9064072495c4e143665b0d63d88ddad6c2d195
GET /5/4617457/?oo=1&aab=1 HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://myviid.com
Connection: keep-alive
Referer: http://myviid.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 4c294b019f910125972eaff3e19f6d1c
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: http://myviid.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=81692a6b2e0c47ceb42be4a2bf6f38e8; expires=Mon, 06 Nov 2023 06:52:31 GMT; path=/
oaidts=1667717551; expires=Mon, 06 Nov 2023 06:52:31 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
thaudray.com/tag.min.js
200 OK 25 kB IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash c72710ed5e4bf83aa4d1f3b1aa96ca92
03a7e692922f9350c12152ccac5e135918ee2889
e21247d0138c4633466199858b47d6f38008f15fa4aba54cd8e445bdd7f0e187
Analyzer Verdict Alert fortinet Malware
GET /tag.min.js HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myviid.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 24901
Connection: keep-alive
Content-Encoding: gzip
X-Trace-Id: 94e8368dda58475c99a3337538c5410a
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Accept-Ranges: bytes
Last-Modified: Thu, 03 Nov 2022 15:01:27 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
myviid.com/rw1f7bimo6pt.html
200 OK 0 B URL HTTP/1.1 myviid.com/rw1f7bimo6pt.html
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /rw1f7bimo6pt.html HTTP/1.1
Host: myviid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myviid.com/rw1f7bimo6pt.html
Cookie: lang=1; file_id=275154; aff=30
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Expires: Sat, 05 Nov 2022 06:52:31 GMT
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkUGqW2tikBsKdxVmUj%2BFuhQF6fYu8Li%2BI4KPcng%2BfILKUVoGO2WLfqJXfQgn70t5HDjzRWfhU9nmxVKNgsEIxyKGBcAV%2BR3hhbknpFEOS0C8%2B1o0Gp%2FPkg9unkr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 765be82869e0b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
myviid.com/favicon.ico
200 OK 376 B IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 352fa212f2705ee0b270746a7fe14e51
0550062705cba6718d8674dc878c137796ae7f0a
a7059727c013d6581c70acbc573eba7b4972069d13ab808a89d6a7644161be80
GET /favicon.ico HTTP/1.1
Host: myviid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myviid.com/rw1f7bimo6pt.html
Cookie: lang=1; file_id=275154; aff=30
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Feb 2015 18:26:28 GMT
ETag: W/"54cfc154-47e"
Expires: Wed, 09 Nov 2022 17:28:42 GMT
Cache-Control: max-age=604800
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: HIT
Age: 307429
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuPS5AOs0ULB3v3VqLOonGMFFN8PF%2BFvVAz3htEYXklVSoE3V5pznK6AfcvdMEcC0QZVNSVdkafrcEEEvOknDI8G%2B5i0utOLF5w4nK2wpAboFKajOriN2dCERLSR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765be8293a55b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 278 B IP
Hash 34352e233023821559959951162834a8
f825f0ffeb726f63b915d6ef73c59a175228a909
58fb8387566053cc885bf39dc7e0d8ecb996612e6558ad25ec8f9439a4c8545d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5661
Cache-Control: max-age=93642
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 06:52:31 GMT
Etag: "63660e5d-116"
Expires: Mon, 07 Nov 2022 08:53:13 GMT
Last-Modified: Sat, 05 Nov 2022 07:18:53 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
tzegilo.com/stattag.js
200 OK 5.5 kB IP
File type ASCII text, with very long lines (13017), with no line terminators
Hash 696676b5658d3d0f320371e35da1697e
37ec92b963d55da4c760245b1b6bf64b6f82c3d3
376c2f58349145748834e98275f65f994c88a8d7caa3b9305291bd09e35e2cf5
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myviid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 06:52:31 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5380
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYE76x1V9j6kF885K7Aak4zpuMAFnyRw9U3G675mu0NTgiYaZyif1vDrUZxGij5XPo9%2BVrnZA2UpyoIJ8AQSgSHT5ZdQ4Of34PYuPQxBC5NMV%2FGBJSNQ6Mz3Lm%2B3hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765be82a7b29b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nanouwho.com/1?z=4923637
200 OK 3.5 kB IP
File type ASCII text, with very long lines (7782)
Hash 629f46cdf0de0423be844e636c18bfa8
469754e032e6c2673a32cb0c4c46ff46f9c306d1
3d94f785f5724919231bf47eceb3fd69d3d42b6afdc23abeb774bf5b18075ce8
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=4923637 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myviid.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
X-Trace-Id: 7b7a92356d474e736c972ec2be36ee7a
Access-Control-Expose-Headers: X-Sc
X-Sc: kvrc6B5VdsvKHZqxkxFvt4aorJC9m14YFGL3xEUvuK08CQVyCYIYd9OcSDSSf5_v14bBSykEzGLGp1_vp0v0Un18b40=
Set-Cookie: scm=1; expires=Mon, 06 Nov 2023 06:52:31 GMT; secure; SameSite=None
OAID=884452c24234459380b91dfe4d410073; expires=Mon, 06 Nov 2023 06:52:31 GMT; secure; SameSite=None
oaidts=1667717551; expires=Mon, 06 Nov 2023 06:52:31 GMT; secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4410e0283900e769c122cfbcbdbed143
c5588f7f402a41c39405d7459367eadb893fafaf
c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 18:25:20 GMT
Expires: Thu, 10 Nov 2022 18:25:19 GMT
Etag: "c5588f7f402a41c39405d7459367eadb893fafaf"
Cache-Control: max-age=386567,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765be82ace14b4e8-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4166
Cache-Control: max-age=95022
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 06:52:31 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:16:13 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
my.rtmark.net/gid.js?userId=81692a6b2e0c47ceb42be4a2bf6f38e8
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=81692a6b2e0c47ceb42be4a2bf6f38e8
IP
File type JSON data\012- , ASCII text
Hash fb2f1720f26633625379f5275d2b0fb1
42fa383c3cc67dd5f2e64cd6a519d7eb36121ae2
49dce6f8afbb292f8e017f0c38d38655e30b82f840fc76c54e2771cec2231c83
GET /gid.js?userId=81692a6b2e0c47ceb42be4a2bf6f38e8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://myviid.com
Connection: keep-alive
Referer: http://myviid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 06:52:31 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://myviid.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=81692a6b2e0c47ceb42be4a2bf6f38e8; expires=Mon, 06 Nov 2023 06:52:31 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c3e4b006b7d1b802e50f752c6b307478
381f891ba02032af92f545f871e0021d7a0b3328
6f2fee2fa39121115e2588e38139d01470718c3e88244f51906c739d6ada92f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F2FEE2FA39121115E2588E38139D01470718C3E88244F51906C739D6ADA92F5"
Last-Modified: Sat, 05 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10338
Expires: Sun, 06 Nov 2022 09:44:49 GMT
Date: Sun, 06 Nov 2022 06:52:31 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 7f353273a2311052dae4195a7aa906a7
34b058d2aec290f7a178dcd6bd7e7ca26625939f
97fffc633d9461377f1b369e432773b2dc0e64e4e8b858e204ddaa17cfbe4249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 13:33:18 GMT
Expires: Fri, 11 Nov 2022 13:33:17 GMT
Etag: "34b058d2aec290f7a178dcd6bd7e7ca26625939f"
Cache-Control: max-age=455445,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765be82b7e79b4e8-OSL
thaudray.com/?rb=wm59WVezq3juzuME9yx6EzvissQ2qt6fqhy32Dq-3U2LF4q0LowR_E71SrP8FWMHJoTbG0RYOxQL9BUUAYPaTkT1P-OIrNIza-LG-0NvttoilUVnpgd4F9_sL2c1DzMA99wq-v-r0GQpRDoBzhBi6xvGzK2bJ_eTHmi0cOFsEscTfuGH0VCDyxYWdCSgUJiUdbjMW56A5kNL2RFRZvEdjZAbKWQ5bgmsgHN56g%3D%3D&request_ab2=0&zoneid=4617457&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Fmyviid.com%2Frw1f7bimo6pt.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=e33e5fc5-1da3-4a4f-a227-ffd3355fe4ec&userId=81692a6b2e0c47ceb42be4a2bf6f38e8&m=link
200 OK 1.7 kB URL HTTP/1.1 thaudray.com/?rb=wm59WVezq3juzuME9yx6EzvissQ2qt6fqhy32Dq-3U2LF4q0LowR_E71SrP8FWMHJoTbG0RYOxQL9BUUAYPaTkT1P-OIrNIza-LG-0NvttoilUVnpgd4F9_sL2c1DzMA99wq-v-r0GQpRDoBzhBi6xvGzK2bJ_eTHmi0cOFsEscTfuGH0VCDyxYWdCSgUJiUdbjMW56A5kNL2RFRZvEdjZAbKWQ5bgmsgHN56g%3D%3D&request_ab2=0&zoneid=4617457&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Fmyviid.com%2Frw1f7bimo6pt.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=e33e5fc5-1da3-4a4f-a227-ffd3355fe4ec&userId=81692a6b2e0c47ceb42be4a2bf6f38e8&m=link
IP
File type JSON data\012- , ASCII text, with very long lines (2197), with no line terminators
Hash be655c99bb0147fab1540cbfdcf65ae5
1569ad72d18b796949a83c223447a28be4dcd704
3ecdbbbab9e412a3ccfa4552e1bc5e72e5332097c18c8ea309f4b831653f7370
GET /?rb=wm59WVezq3juzuME9yx6EzvissQ2qt6fqhy32Dq-3U2LF4q0LowR_E71SrP8FWMHJoTbG0RYOxQL9BUUAYPaTkT1P-OIrNIza-LG-0NvttoilUVnpgd4F9_sL2c1DzMA99wq-v-r0GQpRDoBzhBi6xvGzK2bJ_eTHmi0cOFsEscTfuGH0VCDyxYWdCSgUJiUdbjMW56A5kNL2RFRZvEdjZAbKWQ5bgmsgHN56g%3D%3D&request_ab2=0&zoneid=4617457&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Fmyviid.com%2Frw1f7bimo6pt.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=e33e5fc5-1da3-4a4f-a227-ffd3355fe4ec&userId=81692a6b2e0c47ceb42be4a2bf6f38e8&m=link HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://myviid.com/
Origin: http://myviid.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: c926d4cdfaebeeb92f0d5e68b1224a35
Access-Control-Allow-Origin: http://myviid.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=81692a6b2e0c47ceb42be4a2bf6f38e8; expires=Mon, 06 Nov 2023 06:52:31 GMT; path=/
oaidts=1667717551; expires=Mon, 06 Nov 2023 06:52:31 GMT; path=/
syncedCookie=true; expires=Sun, 13 Nov 2022 06:52:31 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 898
Origin: http://myviid.com
Connection: keep-alive
Referer: http://myviid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 06 Nov 2022 06:52:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://myviid.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9Ax/D6ur8VD4YL9dMR0UUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wSvoOdokFvQLnTEHK2H2hMK2+1E=
nanouwho.com/9?z=4923637&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fmyviid.com%2Frw1f7bimo6pt.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=81692a6b2e0c47ceb42be4a2bf6f38e8
204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=4923637&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fmyviid.com%2Frw1f7bimo6pt.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=81692a6b2e0c47ceb42be4a2bf6f38e8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=4923637&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fmyviid.com%2Frw1f7bimo6pt.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=81692a6b2e0c47ceb42be4a2bf6f38e8 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://myviid.com/
Origin: http://myviid.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 06 Nov 2022 06:52:32 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://myviid.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/9?z=4923637&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fmyviid.com%2Frw1f7bimo6pt.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=81692a6b2e0c47ceb42be4a2bf6f38e8
200 OK 7 B URL HTTP/2 nanouwho.com/9?z=4923637&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fmyviid.com%2Frw1f7bimo6pt.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=81692a6b2e0c47ceb42be4a2bf6f38e8
IP
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=4923637&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fmyviid.com%2Frw1f7bimo6pt.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=81692a6b2e0c47ceb42be4a2bf6f38e8 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 115
Origin: http://myviid.com
Connection: keep-alive
Referer: http://myviid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 06:52:32 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: http://myviid.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f8366fb0f72fa7b72ce0ae5ddfa35714
access-control-expose-headers: X-Sc
x-sc: xJsVFJBihVjmxREygkdT3GjQPE-qnU1DxrqNdLk-GGktPW-oCo0EBC4UNLZWGzLKh8ToFTM2RIFB_CxGcPKqQkNfqR4=
set-cookie: scm=1; expires=Mon, 06 Nov 2023 06:52:32 GMT; secure; SameSite=None
OAID=81692a6b2e0c47ceb42be4a2bf6f38e8; expires=Mon, 06 Nov 2023 06:52:32 GMT; secure; SameSite=None
oaidts=1667717552; expires=Mon, 06 Nov 2023 06:52:32 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5534
Expires: Sun, 06 Nov 2022 08:24:47 GMT
Date: Sun, 06 Nov 2022 06:52:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5534
Expires: Sun, 06 Nov 2022 08:24:47 GMT
Date: Sun, 06 Nov 2022 06:52:33 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5534
Expires: Sun, 06 Nov 2022 08:24:47 GMT
Date: Sun, 06 Nov 2022 06:52:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gjEERXiPH4yDHtW87u7qRDYz1A2DKKlkYXKVC3F9VshnRvhh2wSaSQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:08:57 GMT
age: 31416
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39ac4f41f6bbdba85b2afeb7b011db5f
8e7a2be19b5c7682e86aec81907f6026d14d7313
fbd813af4eb335e1aefa6fb78b672bf89f8606ef688c98d3bd38ffdb77abfba3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8160
x-amzn-requestid: 31cf0571-0ef2-4c99-a6be-afd806b7f449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJaroFHhoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-269b7bcc1bcb8bdc4aa51dc9;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: K34CTk465OjihLQjLdqM1DqCxBF3lOA1D0DUaHWBj38krob66WwMzA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 32893
etag: "8e7a2be19b5c7682e86aec81907f6026d14d7313"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F739b1fef-6431-4b6d-bb9d-a3f01980224f.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F739b1fef-6431-4b6d-bb9d-a3f01980224f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c047f46d089a4bf3f8fc3268bd8d02
0c7e46d28854bc512252ada34ed2e347a18e5479
87578f25647d4b785b935806658aaafbc0df4b11d8720924326c2734581a40c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F739b1fef-6431-4b6d-bb9d-a3f01980224f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6907
x-amzn-requestid: d9cc225c-f74e-431a-aad8-082b8ed86d46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabjFazIAMFYUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-1dd9396566c54c9e19e777e6;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lG55AkOPLHq9S9MZyRA2V4DlgTNYl9OzJdfLdWVw9Uu2VZ4OzJLaSg==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 32893
etag: "0c7e46d28854bc512252ada34ed2e347a18e5479"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z6Lnru_eeTvRGdsz-q37-HGFgFfIT6fLSFcJBvT3oPjAPilszTWkDw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 09:11:34 GMT
age: 78059
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OR8zISm84Iz0FL3Km-aQOHSnjROX2-S_lKloAhMAThT17igEWRbxkA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 32893
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e2df91e-2f0b-4002-ac48-4266b47a731e.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e2df91e-2f0b-4002-ac48-4266b47a731e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8423ab18c5c01b37008421d5f759d13
b285226d6b0bbd979fa2a9775be7cbb07c008aac
55a8c2181fe43644c158a466596218735693a89170454fc7e918a13fb93816db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e2df91e-2f0b-4002-ac48-4266b47a731e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5924
x-amzn-requestid: 0d34d489-9d9e-4fcb-835b-6ea0292ec429
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabZFOPoAMFdvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77b-16a732a9498bfe3078ccf001;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: d4_ZqFNs0orcXlsijqAHrm00n8vIL_yzmLqfL0VlZHdEJLQDj-Pi2g==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 32893
etag: "b285226d6b0bbd979fa2a9775be7cbb07c008aac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
w.myviid.com/css/main.css?v=1
200 OK 0 B URL HTTP/2 w.myviid.com/css/main.css?v=1
IP
GET /css/main.css?v=1 HTTP/1.1
Host: w.myviid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myviid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 06:52:31 GMT
content-type: text/css
last-modified: Thu, 03 Sep 2020 09:56:24 GMT
etag: W/"5f50bdc8-be6a"
expires: Thu, 10 Nov 2022 18:10:47 GMT
cache-control: max-age=604800
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 218504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJ4%2BL469%2FcyaQP%2FoDp85qNnrxHmayJL0HrS%2BIP8VXAtjYwOhrlyvnr6creqtSENCs8MZNCG2M7Os86Sf36WaUgkbjzDssyCOQos%2FuFxD0CNDOAI%2Flh9MayQPGI8GXIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 765be8272af5b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nanouwho.com/27/b10314e887d309db18535b2593bd9514
200 OK 0 B URL HTTP/2 nanouwho.com/27/b10314e887d309db18535b2593bd9514
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /27/b10314e887d309db18535b2593bd9514 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myviid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 06:52:31 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 20 Oct 2022 04:50:21 GMT
expires: Thu, 19 Nov 2082 04:50:21 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
172.67.158.146
93.184.220.29
23.36.77.32
104.21.40.251
37.48.68.71