Overview

URL rekisi.kimigaz.org/taihou/
IP67.227.226.240
ASNLIQUIDWEB
Location United States
Report completed2022-09-11 15:52:38 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-11 2 arkdcz.com Sinkholed


Files

No files detected



Passive DNS (26)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS landers.of-bo.com (1) 416367 2022-01-13 21:26:53 UTC 2022-09-11 00:52:11 UTC 104.21.90.96
mnemonic passive DNS ocsp2.globalsign.com (2) 1544 2012-05-21 07:12:19 UTC 2022-09-11 04:58:43 UTC 104.18.21.226
mnemonic passive DNS www.fst-ent-lnk.com (1) 0 2020-07-30 13:54:41 UTC 2022-09-11 00:52:11 UTC 35.161.146.8 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-11 04:58:07 UTC 34.117.237.239
mnemonic passive DNS rekisi.kimigaz.org (2) 0 2019-12-10 06:47:17 UTC 2021-10-15 03:33:34 UTC 67.227.226.240 Unknown ranking
mnemonic passive DNS gaut-hil.com (3) 342928 2020-07-09 20:17:47 UTC 2022-09-11 09:21:20 UTC 34.194.66.161
mnemonic passive DNS cartining-specute.com (1) 0 2021-01-31 23:37:43 UTC 2022-09-11 12:01:24 UTC 18.197.36.77 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-11 04:57:20 UTC 34.120.237.76
mnemonic passive DNS go.cyberslut2069.com (14) 0 2021-04-25 00:45:34 UTC 2022-09-11 15:31:43 UTC 54.230.111.59 Unknown ranking
mnemonic passive DNS ka-p.fontawesome.com (2) 4489 2019-12-16 20:35:53 UTC 2022-09-11 07:25:37 UTC 104.18.22.52
mnemonic passive DNS geoip.enlistsecureup.com (1) 269993 2021-12-22 01:39:03 UTC 2022-09-11 08:40:26 UTC 163.171.128.172
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-11 12:16:56 UTC 93.184.220.29
mnemonic passive DNS kit.fontawesome.com (1) 1868 2019-03-29 02:12:52 UTC 2022-09-11 07:25:36 UTC 104.18.22.52
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-11 04:58:08 UTC 142.250.74.3
mnemonic passive DNS dngsnl.com (7) 0 2022-02-10 12:26:02 UTC 2022-09-11 09:01:20 UTC 207.120.33.12 Unknown ranking
mnemonic passive DNS flirtyhoookup.com (1) 0 2020-03-26 11:26:33 UTC 2022-09-11 05:46:39 UTC 172.67.201.85 Unknown ranking
mnemonic passive DNS ocsp.starfieldtech.com (2) 6616 2012-06-22 18:08:50 UTC 2022-09-11 05:15:49 UTC 192.124.249.36
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-11 11:58:38 UTC 143.204.55.36
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-11 04:57:17 UTC 143.204.55.49
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-11 04:57:50 UTC 44.237.163.41
mnemonic passive DNS ocsp.sca1b.amazontrust.com (3) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
mnemonic passive DNS www.arkdcz.com (1) 767397 2021-10-26 21:03:57 UTC 2022-09-11 00:52:10 UTC 34.149.6.227
mnemonic passive DNS ajax.aspnetcdn.com (2) 693 2012-05-24 13:35:31 UTC 2022-09-11 05:03:30 UTC 152.199.19.160
mnemonic passive DNS fonts.googleapis.com (2) 8877 2014-07-21 13:19:55 UTC 2022-09-11 12:21:46 UTC 142.250.74.10
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-11 04:57:04 UTC 23.33.119.27
mnemonic passive DNS bam.nr-data.net (2) 630 2015-02-10 00:06:27 UTC 2022-09-11 04:57:53 UTC 162.247.241.14


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 67.227.226.240

Date UQ / IDS / BL URL IP
2022-12-05 19:22:14 +0000
0 - 0 - 4 www.cyberonthewire.com/resources/ 67.227.226.240
2022-12-05 04:54:55 +0000
0 - 0 - 1 phimsex.nangcuc.net/quoc-gia/dai-loan.html 67.227.226.240
2022-12-05 04:44:10 +0000
0 - 0 - 1 www.taiphanmem24h.com/?p=12607 67.227.226.240
2022-12-05 03:12:12 +0000
0 - 0 - 5 patio.brandonrfriedman.com/ 67.227.226.240
2022-12-05 00:02:56 +0000
0 - 0 - 8 www.tipsygypsyclothing.com/ 67.227.226.240

Last 5 reports on ASN: LIQUIDWEB

Date UQ / IDS / BL URL IP
2022-12-05 20:30:48 +0000
0 - 0 - 1 loopplanet.com/fonts/library.bin 67.227.214.170
2022-12-05 20:23:49 +0000
0 - 0 - 7 pharmaseek.co.za/ 67.225.140.30
2022-12-05 20:15:51 +0000
12 - 0 - 13 hakirasilimali.or.tz/public/oydlfu5k2HDtDTime (...) 67.227.213.152
2022-12-05 20:11:30 +0000
11 - 0 - 12 hakirasilimali.or.tz/public/k4fUHvn8g7knW1S9b (...) 67.227.213.152
2022-12-05 19:39:42 +0000
0 - 0 - 5 handyproperty.com.ng/nus/index.php?QBOT.zip 192.138.21.198

Last 1 reports on domain: kimigaz.org

Date UQ / IDS / BL URL IP
2022-09-11 15:52:38 +0000
0 - 0 - 1 rekisi.kimigaz.org/taihou/ 67.227.226.240

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-05 03:12:12 +0000
0 - 0 - 5 patio.brandonrfriedman.com/ 67.227.226.240
2022-12-05 01:15:05 +0000
0 - 0 - 5 mvyj.yy.wy5532.com/ 185.107.56.197
2022-12-04 02:34:47 +0000
0 - 0 - 4 deoseasr.org/acc/acc0unt/acc0unt/news/1474430 (...) 67.227.226.240
2022-12-04 01:00:03 +0000
0 - 0 - 5 indianbrachytherapy.org/ 67.227.226.240
2022-12-03 02:54:31 +0000
0 - 0 - 5 jhwwqsud.gov.wy5532.com/ 185.107.56.197


JavaScript

Executed Scripts (28)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (72)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5754
Expires: Sun, 11 Sep 2022 17:28:21 GMT
Date: Sun, 11 Sep 2022 15:52:27 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 15:07:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Eq1ZwRFLgowCU48IeOS_Ts-8fRhAWbbil4iTdv3ZzXtnuFYX1WDJpQ==
Age: 2687


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: p5FOlyY9dJiBcGnXHhHyQGVOnp4ESJCa7SNX2eJTSERZ7imEwxbD-A==
age: 30915
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 15:52:27 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 11 Sep 2022 14:56:07 GMT
Expires: Sun, 11 Sep 2022 15:17:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TpFL40QU0URSh_F3K9CKSh1yJPdzR-OCeiXGK8E428I_DZW5rO82cw==
Age: 3380


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5756
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 15:52:28 GMT
Last-Modified: Sun, 11 Sep 2022 14:16:32 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /taihou/ HTTP/1.1 
Host: rekisi.kimigaz.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         67.227.226.240
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 11 Sep 2022 15:52:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (632)
Size:   2272
Md5:    d243ee9b692eacb33acea8d63f5137c9
Sha1:   a2277b3e85333a650241a7a6f71ab3e4b498be41
Sha256: 67987748fa41a270df2313972069990436b35c9df8a4fa33f933df500faf1ec2
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 72EbRA2rC77ug+ybfou0kA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.237.163.41
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NASdbvAJtuqf8UlPcxvuNl0QuaQ=

                                        
                                            GET /page/bouncy.php?&bpae=GbhGdL0GvEx7j3O0K%2FSSTo8rLDZV4y2QZ8k1OkJks3YrpnbDB7frvlzfv4T%2B43ypRfds0Jt9PtQsrqPJgetpbe%2BiY30so4fcVEZPZC%2B83sXCLeeLGLURI1FBPV12GHqH8EGT9rlvMT%2FLvdzCG03tRXSCcUFE5ZCGfd4f1Jr0WXz1bjTlJW9GbmLWwpA25Dy1N8qCdYTsUP3PBShwsXsHgWjuKfdUttPwp6Yu3p5yrhI%2FFkLgAV2OFLtX%2BkG1dnAFWPOI3cYTW39zVxavgY5z%2B7oRoaS%2Fbl3QGivaRAKvyGt0YWs3eL8uoj8r2tHKd540ffw3wvDbk42Ka3xhWLIsV%2FmXDr%2BN1W4PW9CaONXFr%2FagtVPD0b%2F3%2F8LOptLgrNiROAQ4oZncF3bp3md%2Fcc%2B3Qd1IE2RaFtQ26LdQOc0mTQYZONqLq4ADF88YwMyYt4O03YeK%2FuMsU4diTw7t43LHBqC67Jas9keqsAkW1BrNZg9t2ttPNjcfkmno8deB&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1 
Host: rekisi.kimigaz.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rekisi.kimigaz.org/taihou/
Upgrade-Insecure-Requests: 1

                                         
                                         67.227.226.240
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 11 Sep 2022 15:52:28 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   982
Md5:    1ee28dfcb5be9fad72aac2349c20d994
Sha1:   acd16a67243c2298e8a7728d136625892f9632ee
Sha256: fbc8348872b4e9ce6065fa362de02697dcbfab1d9cbd0adad7ac256a1d88239a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 15:52:28 GMT
Last-Modified: Sun, 11 Sep 2022 14:35:33 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 47R3a9wjbDkf9PxJfh3J0KMw1rcMvo4av-Bx8jgcepLGaKS5afMflg==
Age: 4615

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcredirect?visitid=bc59dbe0-31e9-11ed-a788-12800577dda5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.194.66.161
HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
                                        
date: Sun, 11 Sep 2022 15:52:29 GMT
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: yVRZPWmb
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            GET /zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3Dn19ck4pSWjZsA%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dw6809rb7ub44ufvi20l4voga&caid=085bd64b-9381-4b3f-a170-3ece47b8393a&zpid=bc59dbe0-31e9-11ed-a788-12800577dda5&cid=w6809rb7ub44ufvi20l4voga&rt=R HTTP/1.1 
Host: cartining-specute.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         18.197.36.77
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 11 Sep 2022 15:52:29 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://flirtyhoookup.com/?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6809rb7ub44ufvi20l4voga
pragma: no-cache
set-cookie: cc-v4=r%2B68pg7tBq8495wFnX%2FnP3ANgYy%2Fwda020PT4mdZwryAqiUHNuZ5h5ipv0b8bU9%2BFbUqM9fhi2hMhT18FdmVeGMMdspg0ZrjaqPeaVdvGlYlDcXZqeYujxlPNegBBBAHNRyKDKemwDiWy9Kg8wF%2FtA%3D%3D; Max-Age=31536000; Expires=Mon, 11-Sep-2023 15:52:29 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 15:52:29 GMT
Server: ECS (amb/6B9F)
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8086
Expires: Sun, 11 Sep 2022 18:07:15 GMT
Date: Sun, 11 Sep 2022 15:52:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8086
Expires: Sun, 11 Sep 2022 18:07:15 GMT
Date: Sun, 11 Sep 2022 15:52:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8086
Expires: Sun, 11 Sep 2022 18:07:15 GMT
Date: Sun, 11 Sep 2022 15:52:29 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1ZoYLM2Mj7teQm-1Dz80IZxKGqzuzAoEiT85R3RldbJwO6iJR-JJA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:44:01 GMT
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
age: 65308
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6109
Md5:    8c35b7f5f8e1b0b24570a41b7d18533a
Sha1:   c5b82c9d77851820b8d206573d5c03cd36d27a20
Sha256: bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 22:14:30 GMT
age: 63479
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8485
Md5:    e407da4d97d497925b1ab523fd416787
Sha1:   166741631fb93d109b18dde6d316b3fa3276aa8f
Sha256: 707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7017
x-amzn-requestid: df5e57d7-e54c-4b5a-aa1b-a9aee889842e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_Et0oAMFSjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-50d15bba03579a935342e22f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LsqH-LbjMGWrhYB93Qkvq2qVhqNs-3MWgrrOFzC8qPcY3fF5ujSD_g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:54:44 GMT
age: 64665
etag: "c893d7475856809a59486e0bcebd6d662d1fc56f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7017
Md5:    fea5dfc4a6a5093fd81899ee4a79d446
Sha1:   c893d7475856809a59486e0bcebd6d662d1fc56f
Sha256: 915fb97690be97d97cb298fc60ceb4cf7c3ed8fb437836beb2d590a8e238363c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc91b46a1-040b-46aa-a7a1-af67f0058b83.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7519
x-amzn-requestid: 8d8a8df6-abf5-45dd-8d78-de5ae715a9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE_UNEoWoAMFRLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631845b4-0101ca7a09e432f305aa7066;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:18:12 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Z0Z4IozbbythqWA7mNaqtO4NWbLi1zL2G6HmMGP0c9VqIzMugvVh_Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 00:00:49 GMT
age: 57100
etag: "b3491a6f12c97c8e1848a206a185fae29213c1e5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7519
Md5:    bb1a86dcf94db0a29a6ebe21866766d4
Sha1:   b3491a6f12c97c8e1848a206a185fae29213c1e5
Sha256: d05619e519fed6c0b6c0616cf540908006a68f127b25e38fb9d041dfe2546df4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8171
x-amzn-requestid: a3eb931f-cd71-4738-acb1-4398fc09f453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOa7QGqoIAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c0b7b-2a6ed8ca00a0a0640110cf5d;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:58:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QuUPVSWCQk9z9xI03trHifaWzOi5TqBZHLena93lrxhjlAG1PICKKA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 12:19:15 GMT
age: 12794
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8171
Md5:    eee5b4d617dab6f10d7053f5c4f4e98e
Sha1:   6c728c56797ba921e8001919df4d36e56dd37e54
Sha256: 76a53e2c81ec8da2bc469760b2c57098d587c6a36fa70e5b7c743a224a47d362
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mNvNO0HJjZ1zwPKcjfqiVOnCL0CYXc8BPDSFbV6MXVW71IVt-2K3mQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:54 GMT
age: 65135
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6889
Md5:    57d797a1c3f6589746a1135bdb19f54f
Sha1:   7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
Sha256: ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 15:52:29 GMT
Last-Modified: Sun, 11 Sep 2022 15:52:29 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.starfieldtech.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.36
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sun, 11 Sep 2022 15:52:29 GMT
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 11 Sep 2022 15:28:02 GMT
Expires: Mon, 12 Sep 2022 15:28:02 GMT
ETag: "c02a24a729c7997f36adcf7cfa875d52ffab6706"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1845
Md5:    eb7a4c8e8595c519b245e7b398987775
Sha1:   c02a24a729c7997f36adcf7cfa875d52ffab6706
Sha256: e8c05afb625c7ca389fa512cf34ad242e43669204b2a45cecc5a9a9e582ae673
                                        
                                            GET /MSJ7L4/HX6G2NF/?sub1=418543&sub2=xwULsmaWHvzRuxTQQgZlvrGGMdQipPWCpR HTTP/1.1 
Host: www.arkdcz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gaut-hil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         34.149.6.227
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Sun, 11 Sep 2022 15:52:29 GMT
content-length: 169
location: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
set-cookie: uniqueClick_HX6G2NF=5f322154-b3a3-49c0-a5e8-e23f3e359b74:1662911549; Path=/; Expires=Mon, 12 Sep 2022 15:52:29 GMT; Secure; SameSite=None transaction_id=a409e1a98de346fbbd483743bd75999c; Path=/; Expires=Sat, 10 Dec 2022 15:52:29 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 74047796-3349-4125-a395-5d63aa973b21
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   169
Md5:    a99dc18459239e7788b495f561fa8a9d
Sha1:   f298f88dfb2a8b3de9a9a485d56d1f19df28107f
Sha256: c1639a76b6ef382b349b4f5578523f895ac0d9d3a79344c7d4cf981ced1cd708

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.starfieldtech.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.36
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sun, 11 Sep 2022 15:52:29 GMT
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 11 Sep 2022 15:28:02 GMT
Expires: Mon, 12 Sep 2022 15:28:02 GMT
ETag: "c02a24a729c7997f36adcf7cfa875d52ffab6706"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1845
Md5:    eb7a4c8e8595c519b245e7b398987775
Sha1:   c02a24a729c7997f36adcf7cfa875d52ffab6706
Sha256: e8c05afb625c7ca389fa512cf34ad242e43669204b2a45cecc5a9a9e582ae673
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 15:52:29 GMT
Last-Modified: Sun, 11 Sep 2022 14:32:27 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dAZKmPOVFQtBZ-ETo-eW8d-fdIr0DUTQS-GcQH9VQVxDefPEii7MRQ==
Age: 4802

                                        
                                            GET /vrfttcyber/assets/images/themes/cyber/logo/logo.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 16420
last-modified: Thu, 02 Dec 2021 15:26:11 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 01:39:41 GMT
etag: "4673cfc8d2708f4ebe2f821483548ccc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: saIfeRbmjcnx5NCsxAVdyTjShyaZN9qPb1PXJxVlgoOX7QUCoJn3_A==
age: 51169
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 637 x 156, 8-bit/color RGBA, non-interlaced\012- data
Size:   16420
Md5:    4673cfc8d2708f4ebe2f821483548ccc
Sha1:   815322d33fb4298771be6a43e14b821d365766d7
Sha256: f2cd404c754d24e0721a08f4b203d5b9853c4bd229c62f339edf1f46195b2154
                                        
                                            GET /vrfttcyber/assets/images/flags/us.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 2375
last-modified: Thu, 02 Dec 2021 15:25:52 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 02:57:53 GMT
etag: "a2080b2d193dbbd3cb34b32ad919da62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JxCL4SesiFJu0Nh1YmYPHxBIWWppYEv95nt3gGLAhrze_LApcKe96Q==
age: 46477
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 132, 8-bit colormap, non-interlaced\012- data
Size:   2375
Md5:    a2080b2d193dbbd3cb34b32ad919da62
Sha1:   f822886642e0388d79c8f5917b41f27efbdec94b
Sha256: 5b38ab13f52bc95184012a4b6afafa3eca7a6ac03c762515b4550b4337548ca7
                                        
                                            GET /vrfttcyber/assets/images/girls/hair01_tits01_tattoo01.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 330574
last-modified: Thu, 02 Dec 2021 15:25:53 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 01:33:06 GMT
etag: "8d7069ee14a82c9f9139a5d08882497a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y7heTNGrq4Omat1n2O0AYoOetHgd_Enpa0ecxfYFyOr0WiV_6HTbpg==
age: 51564
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 790 x 1600, 8-bit colormap, non-interlaced\012- data
Size:   330574
Md5:    8d7069ee14a82c9f9139a5d08882497a
Sha1:   0310dd9990c5888f8d51b4defa3ca78ce820b3e2
Sha256: 933adcdf66e29312523119f0f868488a25e92a5b05e0443c961ca80aaeb42a9f
                                        
                                            GET /vrfttcyber/assets/images/beyblade.gif HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 36298
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 05:53:33 GMT
etag: "93a41ee339dd621452c6aa4054e8eca8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NcBlzzeY6EOFm1c--IjSj7KPpEm1mP3ZJXYzy3O1kucvhZifNFz6fw==
age: 35937
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   36298
Md5:    93a41ee339dd621452c6aa4054e8eca8
Sha1:   a1f75cc251cbe7291cefd06fd91b4c35b6c93612
Sha256: 0ea3f03b9e168629659c281ec66fd5a82d36d7b6fd644381c18ecad41e62a5a3
                                        
                                            GET /bundle.js HTTP/1.1 
Host: landers.of-bo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.90.96
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 11 Sep 2022 15:52:30 GMT
x-amz-id-2: E1iZQsAhGg3SjYuTzzcBGkhQtszxLD0aCyYnpV0H/N6wLcUlGLBdyO4Sc6M4P/KQrNMAcRotfEA=
x-amz-request-id: YGXAS2QERW7Z6X0K
last-modified: Tue, 09 Aug 2022 22:05:52 GMT
etag: W/"2f68fb7cd74453a748e232155e853e64"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3983
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLwB%2FY%2FoPI9%2B5BOLHhMCH5e%2F6%2FO1VVVMj4fb35%2FFC0XzyxTpaDtUow2WDfnADccEkCerZ8JfLkw%2FE82DTfJkvxpWcu8alkP4NQNQhwc2ugFKSJXUAis%2FtiS%2FLPU7pNS0dUY5jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749192238870b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2014)
Size:   17504
Md5:    3ef943545aaed2008fd34e638b5c2441
Sha1:   79c4126c28f6110ff0228d2c2c7e0587fb63e30c
Sha256: 105f2530768f657f2553e67cff218d9a7452772ac4735243bb74cd75decb141d
                                        
                                            GET /vrfttcyber/assets/images/themes/cyber/background/bkg.jpg HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 13989
last-modified: Thu, 02 Dec 2021 15:26:08 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 04:45:58 GMT
etag: "d5dabdf9d18c947ea72fe90f8c39e31e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pv8plXTM1Rsdt7dP3yt7pBYD4QUutAkto_rks8Qnt9yolG7qwFy87Q==
age: 39993
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1081, components 3\012- data
Size:   13989
Md5:    d5dabdf9d18c947ea72fe90f8c39e31e
Sha1:   33a5e90f4a59072ab4b3d73204fff01d6a08a0f8
Sha256: d940cab6f0a1fe6a425596757ac2a10b89fb4311acfd34aba2f075c0e2338f09
                                        
                                            GET /vrfttcyber/assets/images/box.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 13243
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 04:03:24 GMT
etag: "0fcc2772acc897c48dae5c6f52093388"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pqX7zEk9veSZmOkHQmTS2S3-3-kQTlNEY2bmf4vwVhkbSg3hBIZYXQ==
age: 42547
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 747 x 644, 8-bit/color RGBA, non-interlaced\012- data
Size:   13243
Md5:    0fcc2772acc897c48dae5c6f52093388
Sha1:   c8a80e850168e1fd7b761327dd460054e7451d8e
Sha256: e73f3a488ee9e68ff4484df002b38a200aee2170617bb0746e05c7f992135805
                                        
                                            GET /vrfttcyber/assets/images/btn.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1968
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 04:07:42 GMT
etag: "08913323d52eadb319526e6fbe2e677b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0WgC95caGiCxduZhGo45fqQUk0drCJEg79hW5yGGEb2S_OT9hWSblw==
age: 42289
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 343 x 79, 8-bit/color RGBA, non-interlaced\012- data
Size:   1968
Md5:    08913323d52eadb319526e6fbe2e677b
Sha1:   eff7964b7f5ed2ef285593fab5ed7b89e358b401
Sha256: f0a7b6d7c1ed46c5056a52e6ab470959a0671cf03b5ae22e97a37591ba14aa03
                                        
                                            GET /vrfttcyber/assets/images/themes/cyber/favicon/favicon.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1421
last-modified: Thu, 02 Dec 2021 15:26:08 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 04:45:52 GMT
etag: "93a7efbb00d5e8f3bd556d7b9efb658e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7nkpdDXbwMWYGBAvGIcrqWlKTvttdEW7YzmJX-w3-UiHuMQGrgt4CQ==
age: 39999
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   1421
Md5:    93a7efbb00d5e8f3bd556d7b9efb658e
Sha1:   fd6578509d9557cebe3e37fee5ae16dc25b09711
Sha256: 3274036fdc55ac82651c2146f211e508703e5ae97875c722e8b3694df636cd9d
                                        
                                            GET /vrfttcyber/assets/sounds/general/click1.mp3 HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 206 Partial Content
content-type: application/octet-stream
                                        
content-length: 16635
last-modified: Thu, 02 Dec 2021 15:26:03 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 01:43:41 GMT
etag: "4838176bcd52d9b69d6d48c1870ca579"
vary: Accept-Encoding
content-range: bytes 0-16634/16635
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Qea45bXjLK8ogimgCh5icSbVQtx_jdMeGXVJRBR8rW3TEtSU3yhmtA==
age: 50930
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo\012- data
Size:   16635
Md5:    4838176bcd52d9b69d6d48c1870ca579
Sha1:   5a0892ccae91806a9695c5be1f2752e122608d8e
Sha256: 781bb8d577f6448612e8fa861dfa39d64a2e5961c17a58c79ef4bcdf4131847b
                                        
                                            GET /vrfttcyber/assets/sounds/general/click2.mp3 HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 206 Partial Content
content-type: application/octet-stream
                                        
content-length: 15590
last-modified: Thu, 02 Dec 2021 15:26:03 GMT
server: AmazonS3
date: Sat, 10 Sep 2022 20:20:06 GMT
etag: "2694fd6fc680f77dcf1ae58d9b8ba926"
vary: Accept-Encoding
content-range: bytes 0-15589/15590
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L7mMCbaEMx0pnN8CyLYpmTsuUeUGlTnVaOr2OArO4l_Fz7hvEkeVVw==
age: 70345
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo\012- data
Size:   15590
Md5:    2694fd6fc680f77dcf1ae58d9b8ba926
Sha1:   6016e8fb7136ec769fbe6d120c7c97d390922564
Sha256: 4266071bbd14949a438e1d9a958cac2f0b128963b6f6e9fa96b005ed8e718f9e
                                        
                                            GET /vrfttcyber/assets/images/browsers/firefox.png HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 127454
last-modified: Thu, 02 Dec 2021 15:25:36 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 15:52:30 GMT
etag: "ff5982c71adc3b6a987a2192b6008949"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: grIlWBC3czwuo3OiGa820vivaLgWlHl-39qALb6lXdQe3OBy-QzWcQ==
age: 27971
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   127454
Md5:    ff5982c71adc3b6a987a2192b6008949
Sha1:   c2819962300bfa4db9dd7ee6f22e35ea910a3808
Sha256: 612ec2b0a5a9d4b3841189d8c4af98509df5ac48eeea5ab1945dfd0e1eab78b3
                                        
                                            GET /vrfttcyber/assets/sounds/general/music.mp3 HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 206 Partial Content
content-type: application/octet-stream
                                        
content-length: 3165435
last-modified: Thu, 02 Dec 2021 15:26:05 GMT
server: AmazonS3
date: Sun, 11 Sep 2022 03:47:19 GMT
etag: "8482f7c1977139c5f5bbb2af66e88e01"
vary: Accept-Encoding
content-range: bytes 0-3165434/3165435
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CywSb08MwRezh68BZ_BxusFqrLXk3UDAlZNBV1XzKBKPbjie2KhQJA==
age: 43512
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo\012- data
Size:   3165435
Md5:    8482f7c1977139c5f5bbb2af66e88e01
Sha1:   0a7325177e7b98d2809f05beb496a301fb8a1d3b
Sha256: 6cb796e9dc70bd32aca90e420a8e7b3cc548569f42d876e384e0d073d3b4c7a1
                                        
                                            GET /zcredirect?visitid=bc59dbe0-31e9-11ed-a788-12800577dda5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcvisitor/bc59dbe0-31e9-11ed-a788-12800577dda5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=37c9e6c0-26dd-11ed-b69b-12beee04f19b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         34.194.66.161
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Sun, 11 Sep 2022 15:52:28 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: GHqAUoeV
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1208
Md5:    a2683ea3a76c6de8a58e6985ef8bf38e
Sha1:   df4f7cbd4dcee37f08f73ea783c2df1413175b99
Sha256: bb942723907bc45ea1ae95dad6649fd56659a86426eb3d47288571aedd513f78
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 15:52:30 GMT
Last-Modified: Sun, 11 Sep 2022 15:27:11 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PEHjjHF13MgQCTkMBNRd7jo9gyj443yW4s2GqSdAOhtcBXtUuxIzDQ==
Age: 1519

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 15:52:31 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 15 Sep 2022 14:52:42 GMT
ETag: "1b7a1448488bae4ae314b6b1ef95c05b5e90e935"
Last-Modified: Sun, 11 Sep 2022 14:52:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7491922a1fc6b509-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    f1da4658772356111900e6a4ea1e4980
Sha1:   1b7a1448488bae4ae314b6b1ef95c05b5e90e935
Sha256: d27993fed4590888a2177bf0f6200fad63f70a30458bb75a7f5a1f2b12b8cecf
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "664BD1B31B16F81B6A042A0141309C581D70B7FF0699CCB19CCAFF513AABA88E"
Last-Modified: Sat, 10 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4621
Expires: Sun, 11 Sep 2022 17:09:32 GMT
Date: Sun, 11 Sep 2022 15:52:31 GMT
Connection: keep-alive

                                        
                                            GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1 
Host: ajax.aspnetcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dngsnl.com
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         152.199.19.160
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 4544097
cache-control: public,max-age=31536000
date: Sun, 11 Sep 2022 15:52:32 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32033)
Size:   9839
Md5:    432ca07a1a844dbb27f9e0ab0d468be5
Sha1:   7fdaf858d702f84536a515c675b4028ce2eb0cfa
Sha256: 12732099d21835fabf83a93eec52f7cf1847cd64a0572d18917b2e13b06d5cf0
                                        
                                            GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1 
Host: ajax.aspnetcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         152.199.19.160
HTTP/2 200 OK
content-type: text/css
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 7638288
cache-control: public,max-age=31536000
date: Sun, 11 Sep 2022 15:52:32 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   19629
Md5:    7e2bb6028f0b19917a1a2d1944fc72b1
Sha1:   e1837fc75ee2ddd24c6e1df6b309ea212b57e681
Sha256: cc6093bd7162882fd34252fb5d3e8e7d07247e3b70fad894320bf2a960abeda5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /zcvisitor/bc59dbe0-31e9-11ed-a788-12800577dda5/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=37c9e6c0-26dd-11ed-b69b-12beee04f19b HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rekisi.kimigaz.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         34.194.66.161
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Sun, 11 Sep 2022 15:52:28 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: TpfXIBFX
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31770
Md5:    341fae0fe5556f79956fd747d45f2bc6
Sha1:   6a1f80a6776c8d90d1497c511b61e91fb5f6b0b2
Sha256: 3cfff03e3c0ab2a20241f367c23fbf1574242534e70d1c3aad68b09de5589986
                                        
                                            GET /common_tpls/compactML/css/epcjfgacs2.css HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47269-460979.415.a409e1a98de346fbbd483743bd75999c&epcCID=c6V9NcVbGeofGay1M8e044i89cCen8Pfg&rtid=7804830833
Cookie: PHPSESSID=0aa8163afda97289fcbc6fd9df318fa1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.12
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 11 Sep 2022 15:52:32 GMT
content-length: 8861
last-modified: Thu, 15 Jul 2021 14:50:13 GMT
etag: W/"60f04b25-bac6"
content-encoding: gzip
section-io-cache-id: f1acfed0e073235f3a8fbfc889cc1fb2
vary: Accept-Encoding
x-varnish: 9309641 773730
age: 12825
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 00ab6ec8f55fa7cc07259cd6e4c972e9
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   8861
Md5:    8baefa9235356383901af17857ab60c7
Sha1:   6281517070ee798472613658703156ac35c07ae4
Sha256: 3f25245183ea47e8d4b9846dd1a0412b463ae4290f4dc9650723ba9219bd82e3
                                        
                                            GET /common_tpls/images/icons/password.png HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47269-460979.415.a409e1a98de346fbbd483743bd75999c&epcCID=c6V9NcVbGeofGay1M8e044i89cCen8Pfg&rtid=7804830833
Cookie: PHPSESSID=0aa8163afda97289fcbc6fd9df318fa1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.12
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 15:52:32 GMT
content-length: 1452
last-modified: Tue, 16 Jun 2020 16:45:10 GMT
etag: "5ee8f716-5ac"
section-io-cache-id: d62bc91233f49705edd39451bbbb4a7c
x-varnish: 876721 3445986
age: 18520
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 81253705e7fa2222e53e3029b5fc4c76
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size:   1452
Md5:    6f100f1cdbdce928118ffa4c9293ca5b
Sha1:   6b1a3593e792d4c00187d60560dd03fb42df1156
Sha256: 8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
                                        
                                            GET /common_tpls/images/icons/email.png HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47269-460979.415.a409e1a98de346fbbd483743bd75999c&epcCID=c6V9NcVbGeofGay1M8e044i89cCen8Pfg&rtid=7804830833
Cookie: PHPSESSID=0aa8163afda97289fcbc6fd9df318fa1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.12
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 15:52:32 GMT
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:08 GMT
etag: "599b3538-4e6"
section-io-cache-id: 9a5bbf743d7e53a2d4383aae2617dad4
x-varnish: 9184736 7448115
age: 13776
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 95337a4435ebe6360917b33a16301fd9
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Size:   1254
Md5:    a86d99b9176d82a211cfa29b2f0b353f
Sha1:   62947ddfd87e3a21869818885e4bfa4e55ad0c11
Sha256: f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /common_tpls/js/validate_form_v2.js?jsv=25 HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47269-460979.415.a409e1a98de346fbbd483743bd75999c&epcCID=c6V9NcVbGeofGay1M8e044i89cCen8Pfg&rtid=7804830833
Cookie: PHPSESSID=0aa8163afda97289fcbc6fd9df318fa1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.12
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 11 Sep 2022 15:52:32 GMT
vary: Accept-Encoding
last-modified: Wed, 27 Jul 2022 20:38:46 GMT
etag: W/"62e1a256-5a7b"
section-io-cache-id: d9901792c2afcf406d6d0942b2529f95
x-varnish: 9309642 3267398
age: 13776
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 5c60c8594410121c292142ce908316e2
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6088
Md5:    d30ec37b1d9a11b225c781b058109520
Sha1:   503b47a6b921aad7dfd8eab907a0eb95bbba8081
Sha256: 15b882347cfae7955c381a80dee2f0950f7226480af80ae4310a41592ac52fd4
                                        
                                            GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1 
Host: ka-p.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dngsnl.com/
Origin: https://dngsnl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.22.52
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 11 Sep 2022 15:52:32 GMT
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 855051
accept-ranges: bytes
server: cloudflare
cf-ray: 74919230ea91b518-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65397)
Size:   54194
Md5:    dc9270247a97f75913a5d8934c24de03
Sha1:   ed9b0fa01b552571f99d529ed355b2ba91cfc48d
Sha256: 847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
                                        
                                            GET /css2?family=Poppins:wght@300;400;600&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 15:52:32 GMT
date: Sun, 11 Sep 2022 15:52:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26366)
Size:   4677
Md5:    26ed8c45bd301357463fa59997d462b2
Sha1:   22f478d0e8b309a230dd77243f02d804bb991986
Sha256: d07dcfce9e0fcdc20441b038ef31bd0a8e69b5750f3cf6f9b19ec1eb2b62d48f
                                        
                                            GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1 
Host: ka-p.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dngsnl.com/
Origin: https://dngsnl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.22.52
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 11 Sep 2022 15:52:32 GMT
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 855051
accept-ranges: bytes
server: cloudflare
cf-ray: 74919230ea94b518-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27832)
Size:   2603
Md5:    eaaabd3f60063923cd5333eb1d7a20a1
Sha1:   0da69706105e28896a1f6eeaa91d5bec1b82f7f1
Sha256: f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 15:52:32 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 15 Sep 2022 14:01:16 GMT
ETag: "c24a71871d110703917791427ff4fe8317e0a6d3"
Last-Modified: Sun, 11 Sep 2022 14:01:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749192310a97b509-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    70e49bc67acc8a17a243a99c9b8009bc
Sha1:   c24a71871d110703917791427ff4fe8317e0a6d3
Sha256: eac92c5e80c48e672b2ac3d6b7e0cdda058342110757cce01f863e8a2efb6b23
                                        
                                            GET /?v=1 HTTP/1.1 
Host: geoip.enlistsecureup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         163.171.128.172
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 11 Sep 2022 15:52:32 GMT
server: waf/4.31.15-0.el6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-via: 1.1 PS-SJC-011UH181:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
x-ws-request-id: 631e0440_PS-FRA-01lai110_43533-64455
set-cookie: HMF_CI=22abcf2de48bf4c5ac6f8aecd764ca45565be47929b4dd0494812135c192bc342d005bf5b859cc835da5e20e3eae77a88a705807f04086f7e638bb0bf70ccf8f01; Expires=Tue, 11-Oct-22 15:52:32 GMT; Path=/
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   18585
Md5:    9012dcf5c8246440b577efdb482b5173
Sha1:   ff7129e34d3838ec0e8dd24507d2c96bd9a6f873
Sha256: a8f5908c1f9a416e3d4516bfa3454e9f11a16310947b659ca645093f7a1b4902
                                        
                                            GET /acct/trk/?rtid=7804830833 HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6IjBjNjBjMzEwYjRlODBhM2IiLCJ0ciI6IjIyNGUxZTA5Y2UyNWRmOTg4NzdjNjhlNTY0NjNmZTEwIiwidGkiOjE2NjI5MTE1NDE0Nzd9fQ==
traceparent: 00-224e1e09ce25df98877c68e56463fe10-0c60c310b4e80a3b-01
tracestate: 3355250@nr=0-1-3355250-1103078842-0c60c310b4e80a3b----1662911541477
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47269-460979.415.a409e1a98de346fbbd483743bd75999c&epcCID=c6V9NcVbGeofGay1M8e044i89cCen8Pfg&rtid=7804830833
Cookie: PHPSESSID=0aa8163afda97289fcbc6fd9df318fa1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.12
HTTP/2 200 OK
content-type: text/json;charset=UTF-8
                                        
date: Sun, 11 Sep 2022 15:52:32 GMT
content-length: 21
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 7207571
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 5b41e216c989999573a3003c75c60d99
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   21
Md5:    c6ac7561751dd2fdac1cb071658bc201
Sha1:   0a91001f24deae3716813105c5314410bd7e1a88
Sha256: 44c8451a8e62006fb7746d695ef95ed8f6fecec44ce1090ce1d2531c7f5b4418
                                        
                                            GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2421&ck=1&ref=https://dngsnl.com/acct/epc68088/add/&ap=88&be=1919&fe=2347&dc=2343&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662911539116,%22n%22:0,%22f%22:1219,%22dn%22:1221,%22dne%22:1225,%22c%22:1225,%22s%22:1329,%22ce%22:1543,%22rq%22:1543,%22rp%22:1811,%22rpe%22:1811,%22dl%22:1815,%22di%22:2331,%22ds%22:2343,%22de%22:2345,%22dc%22:2345,%22l%22:2345,%22le%22:2348%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sun, 11 Sep 2022 15:52:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74919233d8f9fac4-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=d61d7644ef472812; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2702&ck=1&ref=https://dngsnl.com/acct/epc68088/add/ HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 671
Origin: https://dngsnl.com
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 11 Sep 2022 15:52:33 GMT
Content-Length: 24
Connection: keep-alive
CF-Ray: 74919234e9bdfac4-OSL
Access-Control-Allow-Origin: https://dngsnl.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   24
Md5:    bc32ed98d624acb4008f986349a20d26
Sha1:   2d3df8c11d2168ce2c27e0937421d11d85016361
Sha256: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8092dc3d-1f2d-4e22-b40a-bf1c53ea42e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10298
x-amzn-requestid: f2e2d57b-1f6f-401a-bf0d-ca5c05dd5e59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-nmHBKIAMFrZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184496-52d1369463143fc94894e347;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:13:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PRnDEhi5jnNROYiVXzfn4b_vf-OHnwO5RD38I1bLV8JEJb2gDYrqvg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:34 GMT
age: 65522
etag: "a9f77626875d68e1aea2516f78d491eba9969e37"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10298
Md5:    99bd16c51d8e4853d6ee542d2ec9fb22
Sha1:   a9f77626875d68e1aea2516f78d491eba9969e37
Sha256: b360c3c9fa12dc4f57fdbfc88fe820ecee1c049f2d43f44cd38b740513d8e9f8
                                        
                                            GET /ep.php/prmagms:71475/68088:415.a409e1a98de346fbbd483743bd75999c HTTP/1.1 
Host: www.fst-ent-lnk.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         35.161.146.8
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Sun, 11 Sep 2022 15:52:30 GMT
location: https://fstlgin.com/signup/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47269-460979.415.a409e1a98de346fbbd483743bd75999c
set-cookie: AWSALB=/evN0xqQ730nXrZpHvvXuCwUb5CDt5ITbeL9HW57/+yBMpFPC2kUssHBJWdNL1Su5ikty16LBlyZGuhHmPiGX/qqJM0Lnn+g8DSjfD/5Nt2gFKAPAdbh3oCp+aN+; Expires=Sun, 18 Sep 2022 15:52:30 GMT; Path=/ AWSALBCORS=/evN0xqQ730nXrZpHvvXuCwUb5CDt5ITbeL9HW57/+yBMpFPC2kUssHBJWdNL1Su5ikty16LBlyZGuhHmPiGX/qqJM0Lnn+g8DSjfD/5Nt2gFKAPAdbh3oCp+aN+; Expires=Sun, 18 Sep 2022 15:52:30 GMT; Path=/; SameSite=None; Secure vip_id=68088.47269-460979; expires=Wed, 14-Sep-2022 15:52:30 GMT; Max-Age=259200; path=/
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /b314bdf1b3.js HTTP/1.1 
Host: kit.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dngsnl.com
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.22.52
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Sun, 11 Sep 2022 15:52:32 GMT
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxDOkOaSbBI2tu8RsiEC
cf-cache-status: HIT
server: cloudflare
cf-ray: 7491923049a9b518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /common_tpls/js/form_support.js?v=1516308712 HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47269-460979.415.a409e1a98de346fbbd483743bd75999c&epcCID=c6V9NcVbGeofGay1M8e044i89cCen8Pfg&rtid=7804830833
Cookie: PHPSESSID=0aa8163afda97289fcbc6fd9df318fa1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.12
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 11 Sep 2022 15:52:32 GMT
vary: Accept-Encoding
last-modified: Tue, 19 Jan 2021 00:12:19 GMT
etag: W/"600623e3-3d1"
section-io-cache-id: aa0ddf096b50020ccd1b1862b27ad653
x-varnish: 9184735 6937745
age: 13766
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 2d68964d8745e2e14f932ebcc51eaf59
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1 
Host: dngsnl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47269-460979.415.a409e1a98de346fbbd483743bd75999c&epcCID=c6V9NcVbGeofGay1M8e044i89cCen8Pfg&rtid=7804830833
Cookie: PHPSESSID=0aa8163afda97289fcbc6fd9df318fa1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         207.120.33.12
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 11 Sep 2022 15:52:32 GMT
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:05:04 GMT
etag: W/"56b368a0-3445"
section-io-cache-id: c6ca4231f999450c57567eb3bc608952
x-varnish: 9184737 7448154
age: 13760
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 0cf8d95a9cb45bbdd69cbf28446b209b
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w6809rb7ub44ufvi20l4voga HTTP/1.1 
Host: flirtyhoookup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gaut-hil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.67.201.85
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Sun, 11 Sep 2022 15:52:29 GMT
location: https://www.arkdcz.com/MSJ7L4/HX6G2NF/?sub1=418543&sub2=xwULsmaWHvzRuxTQQgZlvrGGMdQipPWCpR
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
set-cookie: k=SFMyNTY.g3QAAAAEbQAAAARhdW5xdAAAAAFtAAAABTMxNTQ4bQAAAApLTnZxYUFYT3pLbQAAAANoaWRtAAAAInh3VUxzbWFXSHZ6UnV4VFFRZ1psdnJHR01kUWlwUFdDcFJtAAAAAmhsZAADbmlsbQAAAAN1bnFtAAAADGVyaE16YXFyZVBjQg.o-4PDn_JZJwENW_qaV1J7RwocPSY-Z7GERxEKEZEDAY; path=/; expires=Mon, 11 Sep 2023 15:52:29 GMT; max-age=31536000
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uht9nlS37ESUc4%2FVwj5l5t%2F904AqL5sV3zjJ6XbDkGgIZnZ2uJ6OqOXKj8HJdsI8fPg4rOwlSzKRajKW6tYW%2Bt0zUFl3DRjE1Xoxlte8FGB7Hf0%2Bepw1kEUPGQ4YIV0YkZEH0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7491921fcb8a0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4 HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gaut-hil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: text/html
                                        
last-modified: Thu, 23 Dec 2021 16:52:18 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 10 Sep 2022 20:12:25 GMT
etag: W/"0d1c30819e500f4f596aa3421773d64f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: btI3bAA8FCk9P9eUH_ouRLazgLAufMZIdC7Qsuy2jW-NzMEFn-ENiA==
age: 70804
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /vrfttcyber/assets/font/tomorrow.ttf HTTP/1.1 
Host: go.cyberslut2069.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=a409e1a98de346fbbd483743bd75999c&tk=MSJ7L4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.59
HTTP/2 200 OK
content-type: application/x-font-ttf
                                        
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 11 Sep 2022 01:38:21 GMT
etag: W/"0a9ac70c15e2fc709830d2eccb2b8cff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y7y1vmuFOtfsLnIryu8YJOzCrUcO8zOHutO2vdnR7oyOjVgbuJyTBQ==
age: 51250
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /icon?family=Material+Icons HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 15:52:32 GMT
date: Sun, 11 Sep 2022 15:52:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---