money-easilyhia.buzz/
200 OK 7.5 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1229)
Hash 45fe581dfe36fdca47560cfd74b89210
57b4f81ff589475f61a045ec0961f0ededca852f
4a4ebd8eb1f61d26660390f9819a0ba31c4db1f71a5322c5be46f6e26af0df7d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET / HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:23 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: loclang=en; expires=Wed, 01-Feb-2023 15:49:23 GMT; Max-Age=259200; path=/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q4AIFw5PaoxdNt06iQGZFVu2MrUnBAT7f2VuyZN4E92I0cMe7XJWWgiyoVFg1vND84I5V5qDb3YRqMXjNMeRYxj0WBUOrJ81RmXQD05Fkph3%2BMvLVI3D82uiNnxx4FIxiS8FqQUJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e153e030afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16891
Expires: Sun, 29 Jan 2023 20:30:54 GMT
Date: Sun, 29 Jan 2023 15:49:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2825
Expires: Sun, 29 Jan 2023 16:36:28 GMT
Date: Sun, 29 Jan 2023 15:49:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18683
Expires: Sun, 29 Jan 2023 21:00:46 GMT
Date: Sun, 29 Jan 2023 15:49:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 15:43:08 GMT
content-type: application/json
age: 375
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JbrREEAYBxMZu0zN0yApErkecdQt8jqBZcjFGPp4WH9X5LhC9DOxuKtA+cH1PaGucrXc8zY8ypk=
x-amz-request-id: 6DWCWYW0FBSCRH1T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 14:50:21 GMT
age: 3542
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 15:49:23 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
money-easilyhia.buzz/assets/slick.css?88888888
200 OK 508 B URL HTTP/1.1 money-easilyhia.buzz/assets/slick.css?88888888
IP
File type ASCII text, with very long lines (1293), with no line terminators
Hash 36c4181556d368c2297ef54ef3585b06
21a507a2a32aef43220509827cbbd41e50350420
e5055a28e16f534da536a52e634826756a937511c49efb808d3d9117032dd52c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/slick.css?88888888 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:23 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-50d"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC4VeurHUfI4iemMv7w5AGbQvLumdSlS0EKhnEpP5b7hKqzIWfHo59eb69vKprBWsl%2FB1K%2F%2F8Q%2FIN%2Fr1gSzyoB1Mz3g4NgwqDojZVvo5KsQAnv5rQMoU%2FppdsYh9XqCl9t%2BA5OMIlw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e17d943b509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/feature-s.css?88888888
200 OK 2.4 kB URL HTTP/1.1 money-easilyhia.buzz/assets/feature-s.css?88888888
IP
Hash 1f1176aeeb3d24606f0d421e63380356
1fe454504f971049fb8521ffa7058519090f670b
02069319cb3f5401d6480f12abcfdd2e2c59a5593a40078f131b09414d0e0e22
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/feature-s.css?88888888 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:23 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-3891"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn5CEMPe%2B4K6qx%2BzYYvZCRR7Y2KWV9celDdy4SbAsOxCMy1QZhFFcSTBuCtEIPoq9WSjU0S0ebzOZfybKF7I%2FNpW3KIOej%2BnMJ7Uib96YLQIOyGZp8bLy96TwJ0nDJ8dpqj1ik18Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e17d9da0b59-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/animation.css?88888888
200 OK 5.7 kB URL HTTP/1.1 money-easilyhia.buzz/assets/animation.css?88888888
IP
Hash 1cc3b03d0a4ee4e518a895137a81b88c
3fdd3c3c6c015a076f3f019506f7b4aba767b606
0e403703d1a87a9c7ba4145e78eba52110f7383cc88a1c5b5c4830f1dc235061
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/animation.css?88888888 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:23 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1159d"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDbdIFji6H3ZUM4y9YcBSx0uwmNe2C8E1y44IfhJEjUl9vPskf1cNe6BEdN2sbgw%2Fo3h8OCmWCC54fDdcMzEAy5gTdgQLJLXd9dLOw6PeFPEjq%2FtGGYMyVbnaNpRkHn4OOLhW7ldvg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e17d941b509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/slick-theme-s.css?88888888
200 OK 873 B URL HTTP/1.1 money-easilyhia.buzz/assets/slick-theme-s.css?88888888
IP
Hash 15d25297ad87dcd9d31b99f050983138
0b4320349b2078f3cd3b5633116451007870a146
789311973612cfb041549c885450da7336fa09136a9d1873dc1619c687a9a5ec
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/slick-theme-s.css?88888888 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:23 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-bd8"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwyWEzfkjGXCEUToTO%2FTSiBU8ojchDyer6Ex2aQmvRtfmrVVswNVFZ%2FhCL4zVeTwzUvLq7N0tsU6pKNZczIcaLRDYP%2BDdsFmC0OETrt6gw4aTUH1Qd2zV5sHNvL6bHtX6K8pl%2Fj%2Fkw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e17ee65b4f9-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/lightbox.css?88888888
200 OK 4.9 kB URL HTTP/1.1 money-easilyhia.buzz/assets/lightbox.css?88888888
IP
Hash 4138845c6491ac3fb55923958b4d0b29
81c43933cd63fbc8f73e527b65c0b61932f6594e
e48a7338ab4bb2f4e375c03cf2c0f0d7e5e3d58380c214b7c38699b6d742c71c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/lightbox.css?88888888 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:23 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-657c"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jYidkrJ5kdSiC6WKzTgPIm%2F4vNMIXiP3rLi4FE3RlNX1odBGooQLKw54sdle3%2FrpQIraqH7PU6Atag7cceBPV4kQvmPw013YCXA6qD6g9PGSs5tCtIWANSPIO84CrhY4AeBZKRTGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e17ea0f0b39-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/bootstrap.min.css?88888888
200 OK 32 kB URL HTTP/1.1 money-easilyhia.buzz/assets/bootstrap.min.css?88888888
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash ae12e3611d61769d9e3e6c24cf428cc3
551f716d4782b28c6dd92fa204057b5170c18205
c2369dbf06ea375f8fe7afd3a17e900951f62c9628250ccc3b5cec935e565682
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/bootstrap.min.css?88888888 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:23 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-3332d"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=femArc7fUkur4wMjk6cDyXWz%2FYVC60%2BHaym7%2FvnKiItI8zsxZqnEKf4AbxZ0b8P4%2BPXcNhnsxk1zNyiidIJ5bjWNhdpbgSfvmcy8d1DwvRUr%2FIIIbgC87crEZuggAl1bua2N3W8hNg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e17d8b40afa-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/sweetalert2.min.js
200 OK 13 kB URL HTTP/1.1 money-easilyhia.buzz/assets/sweetalert2.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (37599), with no line terminators
Hash 57818ed08c2a7da6d52e46e78f2e2e1c
88c636bfa3a201fec8fc3f18dbc472c9376a6a90
22036697dde58e72d2ade78ae9d18509c90c39f2a5a889adca1d39c39a6dbf6f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/sweetalert2.min.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-92e0"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4KW%2F5JJPBdpdS6Rc59Gu%2BqsHEaLSEWWpnutm329jzXzR5vuXm%2BoMZDX5ORE9Yane9VCO%2BMf0yg7GDBLYGZaXSHVtKKAkmdZravUZmD20TrW2x%2Bjb5uIRpLqoznyZX0xT0887ch%2FtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e187fd8b4f9-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/sweetalert2.min.css
200 OK 5.1 kB URL HTTP/1.1 money-easilyhia.buzz/assets/sweetalert2.min.css
IP
File type ASCII text, with very long lines (27093), with no line terminators
Hash 9f590230d0450fc4bdd6c6293f9618e4
22416254ee00589116ee25ada147128de7eaa753
e4daec0f09a9064152f3fe4656da672be6806b2debe90c5bf9cff73f09582056
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/sweetalert2.min.css HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-69d5"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9I%2Fho1G5UUoTf4gz9%2FkjNOIMIA3j9zizIci5oyhukogZcYdj85iRwZ7rue0%2FFEWPc%2FxZbj8TDG%2FaZdU4Mm2LCR7A8uRFpsPShiTSrJuptI1uVi1lzywO60ixDZfvpmK233Y%2F3ikYLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e187a28b509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/all-x.min.css?88888888
200 OK 25 kB URL HTTP/1.1 money-easilyhia.buzz/assets/all-x.min.css?88888888
IP
File type troff or preprocessor input, ASCII text
Hash e5dbfb6e80fb1348e8c38b3f010b1e80
bb34657cddac13147e2e0cff6acb550dd230e0a5
16b969791f5dcf2b1a9551cc002bf83ddbc5b18b12eed1673e16a785b5d0b69e
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/all-x.min.css?88888888 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1e1f7"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqdQFQFcQsgrsjZ2Fn9AX0UNB5Lm6k7tpu399TJx4Qahtfu9a6gCB%2FWOfA5j0lPbFz6KJHpVN%2FgSY2MDBIqFGXAnYISUADhyn2JYwatwHdDfo7yzbntU%2BGk7w3MgXy2huT3LJA9c3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e187a5c0b59-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/jquery-x.min.js?88888888
200 OK 34 kB URL HTTP/1.1 money-easilyhia.buzz/assets/jquery-x.min.js?88888888
IP
File type ASCII text, with very long lines (32065)
Hash 84a0c3e437d1d313d4cd3141d09d3874
2962981e5d98d0a90c304fc33289f6ddab802d77
0a09302dc6531ed82d1927469b4dd14e5137d9c21cb825adf85cf47f7389b2c9
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/jquery-x.min.js?88888888 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-14e49"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xj%2BWlbtr1K8LEoXOzldfK%2F8WlAtgiwfTgfD7g8paT3qckIXJNnaRRL92Rsph3m9THVtwqUV3u6RMUr3031wg4NeS%2FMVhxx%2BuamQug1nAClOaOgyQiUnpb1SWLjxSFVTE4oFDiDhjuw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e188ad80b39-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/bootstrap-s.min.js
200 OK 19 kB URL HTTP/1.1 money-easilyhia.buzz/assets/bootstrap-s.min.js
IP
File type ASCII text, with very long lines (59810)
Hash 05cf97146d1c7c37791dd53ecddfdc7f
baddd653344068f918351421c43ed4ee84bb687a
27451008dc3714f442000aa4a89c75b24ecf9339013ef160321571b740b48310
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/bootstrap-s.min.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-ea90"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTIQcNrt8%2B2iKFzlTPuZuiq0F1t5P511LTwpZO38LKKwczhsEp5PbdAL2rR%2B1b2lVY36PrCDXcnwO%2FsO1to68AYyTVu%2FD9Y1iemYCxhrPxx3NNGbpiZZVJHEbeIQBSdelkE0kt3wKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e1899820afa-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/style-s.css?88888888
200 OK 51 kB URL HTTP/1.1 money-easilyhia.buzz/assets/style-s.css?88888888
IP
Hash 54a4c76aa3e0415cf2b53c0b899fba29
a43ab96aa24f3d47dbe8436bc701d16e3deec4a0
8c1d4d78976f05f00e34eafa0777f8b85865233d4cc00f5daf933ce6f3afbcd0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/style-s.css?88888888 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-4e70a"
Expires: Mon, 30 Jan 2023 03:49:23 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rToP9Spvc6Zv677dKDyr30lXPnVXmtxz6OFBXxy3x4RYhqCpDFq213fatIi5ctHGbjZURWps6OzHG8JB5W7cRLbT%2FhzpVacelFNoQJlPr3WK5hgFOYTaKhEZgnEBoVmRlNOU7Q8kfA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e186a00b509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/popper.min.js
200 OK 7.2 kB URL HTTP/1.1 money-easilyhia.buzz/assets/popper.min.js
IP
File type ASCII text, with very long lines (18507)
Hash 6e5b24f414ada52a97a0d15b093a9941
81be552a260da7101d3a09ada7a5b19fcd071af5
044729e61dd1b45d0e7f187c08ca75284734423e1304228ddd0c7adf1c81518c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/popper.min.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-487c"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cdELbsCEo8H1YeKCleN76vbF7iloU5lctipYAocDuplze4u3SCjUj%2FIfmRw7ICLGLpPE%2F7hfxpaxssxMOxBUD4SLkBdjKCiFWpMf5YNg7CT7sHJ2sEwgJC5eYcBLpdmMHhx8pVaWw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e190af4b509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/modernizr.min.js
200 OK 3.8 kB URL HTTP/1.1 money-easilyhia.buzz/assets/modernizr.min.js
IP
File type ASCII text, with very long lines (8321)
Hash 9a4e2e88b1efdea3118f90bb5c4b446c
3d2500896e40634fc3eca71833eedb3d5fa422eb
4941c58442c5bf1b79908e4a86d3415fa5412dd34d57c1b3cbc2fce7e8531753
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/modernizr.min.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-21be"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyxhfrpXjpMkg%2BqKlqMUCnPgjW%2BRner8U%2BMfeSIjgYNzlAIIJ98Y%2FPMDAwlfiQSFJ%2BRkVfTcsL2i0s8mUoxNAGSjsZYbQ64RPnx3FMpvJuM349XHNT%2BhcLtwXchHrABMxO86uEGzDw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e18f927b4f9-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/counterup.min.js
200 OK 585 B URL HTTP/1.1 money-easilyhia.buzz/assets/counterup.min.js
IP
File type ASCII text, with very long lines (917)
Hash ea0a601b8f97764239f1a4f75db91b71
a3529bbefec847eae930cc529284f5dcef0caf89
08716acd48572be9d91c0441f6482ac0899bf642ff051c78d0b9ff7587aa1a42
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/counterup.min.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-42b"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtjO%2BeVdPebxN5hiWXZN89AVXkb3OXXstUrYvfFEq3Wjn2RVHNdCG2a2NZB45xJ8G7W%2B8NQ5Ni3oX%2B5Tak%2FrHinxPZPpmPGdngwqmyUtt4VBOy%2FsaMV6JJRqQUx8KYXTg3uiW4waHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e195a990afa-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/wow.min.js
200 OK 3.0 kB URL HTTP/1.1 money-easilyhia.buzz/assets/wow.min.js
IP
File type ASCII text, with very long lines (8099)
Hash 841cab5cb0e19c936289a69708b4645f
72baac3e47877f1bcb275c26341a1564a875fbdb
d5988ca7709f698712b65bdccbce11ce4fd5b2cc6337dce830a5bd32ee53533d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/wow.min.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1fdb"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYlEpJgtYpWSfgkuAkZcwReBnyXT9aE7vpo7qNa%2FFW0TT19KMB5CpD9npC%2FR07%2BDbSGYQ4nf9eS0XVn1RgMes5Hg2dB5m61hBZvqBd5VrNX71mkPLmjf5KDS2BJo9IgA7Bdz02lWKw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e193ba50b39-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/waypoint.min.js
200 OK 2.9 kB URL HTTP/1.1 money-easilyhia.buzz/assets/waypoint.min.js
IP
File type ASCII text, with very long lines (7808)
Hash ea79ab9178211ffc391e74f46b341d65
d94e16f16f5cae7c2826627f501c21f67b3e1b76
becdd9f5aa9671cb12a8fa844a30b208c67de473614c052bc269632ec7fc93c5
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/waypoint.min.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1fbc"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ro21Mukjdmi329WlkSjlBUqpPg4CCZ6x%2FOo2rKtbbMWehl1hJQIt%2BYAC27tVChr9a3xPwEQoqFf5HXD9%2FWMCMUqThIIj2s%2BLdF70mAeImEMfS96hQE5KmrjVyzJhthKpVqJ2B2onbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e192b150b59-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/masonry.js
200 OK 12 kB URL HTTP/1.1 money-easilyhia.buzz/assets/masonry.js
IP
File type ASCII text, with very long lines (32057)
Hash a368ae034ac81b3412e3dc0ba0f28647
7bccf472749035553d6eb7490fd43e17e8b5e258
d814a73b281891edba62399fe026e3560e55fefef6ab3931d3de775200bb1c14
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/masonry.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-9c2a"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwTY7%2FwdXOBleCQCttn5SH0cSl5TU3OQf2EIFXzBj7r6S3s9hYdCZmQ%2BzRd2NJuFTtySYXfiuxUR5SQPhkPowmMs35rxn1FUmPxdZ2lhFTJ7QZPhpI%2B3rI5AWWvy7y4ZQyWKBjtWlw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e198a54b4f9-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/feather.min.js
200 OK 24 kB URL HTTP/1.1 money-easilyhia.buzz/assets/feather.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (61392)
Hash cffc999a0e9383e024d48b8ccae08f57
6e6c4a7fc856de515053573fac5af0ce32c4a8de
0564d222e0f0b854142fd4c4f5423ec461463d4d78ee5f20c22163e30a715f0e
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/feather.min.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-12550"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZemfQoCMGrq1blHVXL7awFwP67w4UUm%2BEjgfLamCRoOVWLzq%2FNohhyZbP8HEqIWCC%2F2BaOUu8WO%2F6AjF83CeaqeFQEuIN1noVW%2BCOqDxISO2yJGQ3PNkQoqTCstYU9ILPFNnRSPq5A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e197b89b509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/sal.min.js
200 OK 1.3 kB URL HTTP/1.1 money-easilyhia.buzz/assets/sal.min.js
IP
File type ASCII text, with very long lines (3154)
Hash 2166635fcdf17a2c5736232ffff1234e
43ddf34acd9784a83ab71bf0b27c719abd39aa83
2044add5ec4e18486453908bd9565d7bcb27b4bf2f64d145dd8aa9a37fcb9650
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/sal.min.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-c53"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lh1HLKS8lgrQ73kbmEEgtGK55JBKarKg%2F0peI94ZTl0OzTxyEyikdDtvBF01wYEUAF4zVVzKupKLYUx2Vgb2imyMW%2B6MuVaPAtJu6Gv3wvzXaFz6N%2Fjl3EzJQ%2FofYW8YhNK0L%2BNqyw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e198ba3b509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/imageloaded.js
200 OK 2.0 kB URL HTTP/1.1 money-easilyhia.buzz/assets/imageloaded.js
IP
File type ASCII text, with very long lines (5477)
Hash f9edebd800ad4053d4039cc6b7142373
12e96a1ba59bb4ae159d94c2d0cdcb4da29d6193
06b187c469498f65678c398cab9a81ed1bccbdcf205e629cbecfeac0f255ca59
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/imageloaded.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-15da"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soMVaKWE%2FqVXRROaadNNVVuqoJiq6FDQ5RAeM09kmpI7heIxMwKD1q4AeMiOHekByIBCE77xH1Zlw2w5%2FwaKatcajMqrBYZTNMoYjdUqyyaEwWDNRvQPFsX7X6WNYlvlDFhzcbLeNg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e199ae70afa-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/text-type.js
200 OK 1.7 kB URL HTTP/1.1 money-easilyhia.buzz/assets/text-type.js
IP
Hash 7aad140a767a1c07bf8981f8fb7afe74
49dc597904ca8393e6207736cc87b1eb9f03ad71
0c24fa9a2bed2db6a59c09d68607a82ad92fba8a4d00f7bc6c07da1cfe4bbd74
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/text-type.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1b4d"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSLZoaKip3wLpXs5hY4I0APmUH4gtIaYCq%2FO7DWNyEzfqILgCz%2Bj1nmD5lOOFM323NSXWumj44VIzW6nnkb0rCaWi6l%2FcT3fiudkY%2F84Q79lQ92i6pcVHMZlFanr1CpMh3Ybxn3lYA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e19fc5db509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/lightbox.js
200 OK 7.7 kB URL HTTP/1.1 money-easilyhia.buzz/assets/lightbox.js
IP
File type ASCII text, with very long lines (24591)
Hash 71410dd0a2d4a7faeadc620565ae03c5
8cdd718552fb6bf1b33f9007674e5be9633a5549
c19fbaa70a7249d4c3a77c6835d7f4b26daeec4581a30325fa393db48ec2870f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/lightbox.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-6103"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWjUk4R9kdZ8BMAV6eJF0vfun8B2RnmPW5Hmf2Ih65jBf1Ls1hSEABUDAkJTl6VRGDhKa%2FD%2FyjRwaDgyFJzUj2gg9DS9eNgMZssm6KWRIXNye0L4W7oCyfyMHFkkmSES1TZ9KeN0eA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e19bc280b39-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
money-easilyhia.buzz/assets/slick.min.js?88888888
200 OK 13 kB URL HTTP/1.1 money-easilyhia.buzz/assets/slick.min.js?88888888
IP
File type ASCII text, with very long lines (3201)
Hash d6900ef724d0c46d25e12f20eade1899
5cb31fd820a8f181b7b20f613b3bfacb3c81380e
bd9fe09fb850b18a690e61899014ad18297d165eee517a832aefd1878437090b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/slick.min.js?88888888 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-c31e"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4ruN3WvADvfCngfIEA39yBeOwVHl9sP%2FFE52HYLPGVbsvH8qrFUF5iFoUqoFP90eXNimnnchS7%2Ff%2Bqvydo1rs6yky4pQVnGL2lMVliRdhc84JVh4HYrJK1J3f%2F7YWb1RaPYY56vNg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e19cb950b59-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/easypie.js
200 OK 4.8 kB URL HTTP/1.1 money-easilyhia.buzz/assets/easypie.js
IP
File type ASCII text, with very long lines (3766)
Hash 305c6b09fc511e04949bd5e262414633
b7bdb7b86c44e902995b6c5f7976c0eda39aebbe
f5b1d145b5f592a14a3279da4db9d525c876eb5b91cb80fc99f2f9eca5a9d3eb
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/easypie.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-390b"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZacZUX2Q7wouinyzKo3hX26nzfq0SvoiEKZUwF7McXUdGPPejJlxMj4JKeuUPHyyi4dQbKtDf%2BigZfxtPuNBXY59TgyJt%2FQeMX5u7aBVRsvWahh5ammHhcW9fWZmk8uwRElRobSPw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e19db35b4f9-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/fetch.css?cc
200 OK 612 B URL HTTP/1.1 money-easilyhia.buzz/assets/fetch.css?cc
IP
Hash a137de18c3d3d4c3b12d266e69eed750
e3987c47fd92a6ef4fb4f819c511ba71f3504bcc
ae3a7d7f6effeee7c360e623a2a2cecb3940978b568030dba49d97c2a64fe86a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/fetch.css?cc HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 08:29:50 GMT
Vary: Accept-Encoding
ETag: W/"6377427e-5eb"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVqmYJu5yULHCoYYfoeynJdmfuA65HD47EbkrWs2e8jLZfpc60yiyTlsdCQ5KaMouD0zeNKxY4MxYkZALyDLmmQyz%2BGgivLXO%2F%2FXqeuSXgHdkUI9ErXS3tI%2B5HcTWvhCSX2Xh%2F4PdA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e1a3cf70b39-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/js.cookie.js
200 OK 1.5 kB URL HTTP/1.1 money-easilyhia.buzz/assets/js.cookie.js
IP
Hash b7646d958932db8b5a9c82dede819300
dd168c3ed448248071712594275583d5585853a7
64fc83e301678afb8f0d808a969772d175c070d6448a126d5129f40fcedb6745
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/js.cookie.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-e5c"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5BE8kWF8WRxnZ2FdxQ93ORVokx6jJlHqtT0hsxWKa9QA5JVUfr3Zz1CfBeFV9MwuIFx3CjmtJsPOaZi28Xs474SVMPuR2U7hGB%2BfB1Tk%2BIdmbU7VBX65J6x%2B1WswdJWwYX9zCVU9A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e1a1c9cb509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/fetch.js?xx
200 OK 669 B URL HTTP/1.1 money-easilyhia.buzz/assets/fetch.js?xx
IP
Hash 7b7c25b066c7cba5d8538919f1a006ad
65d38cf2cf17fa8e43a040bb53305d159e7a6b30
fbbaedfd0ff0abecfa91848fc447111928639e55ce69fc6e9eec1ba6f7415bea
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/fetch.js?xx HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 07:59:09 GMT
Vary: Accept-Encoding
ETag: W/"63773b4d-7bd"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCmPN6xdLbr6SdEHJuzD0cs8SUUP4SlbMTKg34FcRvf3arS0B7RDLJzUoCwvt69l10OEo8XZjPc2a4dzhwBOq2Nqge3qddhc7ynCqPQnin9RlR%2BBW%2BE8SWhfm65sfgI8FaPIXPCr6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e1a5c88b4f9-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/jquery-one-page-nav.js
200 OK 2.0 kB URL HTTP/1.1 money-easilyhia.buzz/assets/jquery-one-page-nav.js
IP
Hash cfe0bb2fcc6bc84b34b43e445c464372
cf3021d04288125793302c41ff6397d259213750
2b22a7820f39406ad520ee3d00b18eddc6019968c6af2b2dc9b7a04efe9c9e1c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/jquery-one-page-nav.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-1417"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ob7pdM1pz3mRsVCuwnNrCCGKk8wO7wz11jpq5TWqbIJY1%2F3mOrUpzIUFOLa%2FMD8P%2BSVk8rtomYRT0tTx3HTrZP%2FFwX%2BCHiPkr6zd0UVcl2Q9sf%2FYJclcaCCOuplUd6IFBsnzTUOkuw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e1a3b7c0afa-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/main.js
200 OK 2.8 kB URL HTTP/1.1 money-easilyhia.buzz/assets/main.js
IP
File type ASCII text, with very long lines (385)
Hash 3e580993bc767aa97cebcec15473e47e
fd634d1e42f791acfa368de45e64f1a24d9a15b1
1b42d467db3799267aed5c19e95665e6b8eadfd1a2b701915584067721a4ac29
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/main.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
Vary: Accept-Encoding
ETag: W/"632acf41-3616"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dw5TjDLNzSR9QGCjCxeoLLyTebpvb97pFk9s14Xl4mmOyhfHyBcVbbiWepJD%2Fc2CJyLsXJb4MhvMbAFTUz2EYM6ynIC%2FGz%2FGbVtZ0tUYHiSJ7CHkFJvlPvYmT1eIuIx3oOxvLnFMxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e1a3ce4b509-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
money-easilyhia.buzz/assets/axios.min.js
200 OK 6.6 kB URL HTTP/1.1 money-easilyhia.buzz/assets/axios.min.js
IP
File type ASCII text, with very long lines (17808), with no line terminators
Hash 9734bde640c9a5b4071f83af8bebf299
ebb92c16f406f81e49dca95ca4329a6aeed5bd9e
c78c7141edea5aaf285fc4338015994e1541b8e29c11459ac4daecc31fb25899
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/axios.min.js HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 14:05:23 GMT
Vary: Accept-Encoding
ETag: W/"6374ee23-4590"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amc00p7m0HiL7v%2BrOOxMTLcEO5QYegeE9L5HHEvQJdfcZejMCwcW%2FZkxETify5ByFaQUq%2BOuk4SWM2w9e83aMNNRo2h68psY507Rv%2Fz1YglGT80IJXusx1P81rrF7Zi0e%2B1SOc8YwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e1a5c2b0b59-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/icon-01.png
200 OK 15 kB URL HTTP/1.1 money-easilyhia.buzz/assets/icon-01.png
IP
File type PNG image data, 250 x 268, 8-bit colormap, non-interlaced\012- data
Hash ca131b67563fa32cda29db2eb1aac047
abdd633761ae4979cb067fb020a535596d495447
6e4656830fee5d5c7def4b0b61f5fb5ce325d220be632adf6e85a80ac80f9b84
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/icon-01.png HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/png
Content-Length: 14714
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-397a"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOU9PEFKTi3c2L53ODV145uUIZAfIZS4yNm5%2FN9pjmjOqODbpHXIq1dI55z8rrk9Nk3zf1nZ4JobBd8msxZy0v7l6V3gv0kR3PbVGoF1fnxI85OVHPwX4lPqzu4MvIe1PBiWMu7J9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1abdb3b509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/custom-s.js?88888888
200 OK 239 B URL HTTP/1.1 money-easilyhia.buzz/assets/custom-s.js?88888888
IP
Hash 5dca6f83ae611c0d3adceb4efef1c028
b90e63354a526dd398fea75adc50da0363e0bf2c
0288a31f1c72f048f2671958727dcbd834433170febc3f64e08aadb31661d878
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/custom-s.js?88888888 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: W/"632acf41-2e0"
Expires: Mon, 30 Jan 2023 03:49:24 GMT
Cache-Control: max-age=43200
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cNy0q8pcYJovRO2pKp2wjbz0Dp6A5UaYC2tME2ZWnqclyh1D8ljnoqMYdw0abcs%2FosDRc939Bw5Z%2FdpCo9LkbMYfTkTyjr%2BUFXdyisZg7uSotVwJJsMJ245ArNNLluag%2BVkHmlqxA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1a9d400b39-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/logo.svg
200 OK 20 kB URL HTTP/1.1 money-easilyhia.buzz/assets/logo.svg
IP
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text
Hash b702ea6d1e64d02640da350f1be013d3
d56759285f2dc057e45f03ac62e900658345ab8b
4c1fd3f0c4f7acfdcf696c7d1e45645c35341a3d3eab9abdebacbe07735cc5a0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/logo.svg HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: W/"632acf41-673e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptBTrO0w%2BHiMvbxLmhuWveIknA31tPvawuDkWH2IR0U%2B%2BFVS8nt42vV%2BoOg2DVnjD2UOdzzYqjJjkDlIYMEBZgkm0h3mygjF481IuNEqrsaJRsClXfOs7M7VOIX1flktg01G1QKVtg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1a9d77b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/SJunkie_Payment_2.jpg
200 OK 21 kB URL HTTP/1.1 money-easilyhia.buzz/assets/SJunkie_Payment_2.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=412, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=321], progressive, precision 8, 321x412, components 3\012- data
Hash f026163d6ee7afe1602dc4dcc506c0d1
3e542dff204e7ee564c3d1e2b7aa433a7dcd3f16
6449b3cf2957598551749e07067d22837defaece10ac136b96e44fe93e320cfe
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/SJunkie_Payment_2.jpg HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/jpeg
Content-Length: 21127
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-5287"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrEHNdVzshntg0Ib8P9n7H21e7OkJcZsvoMOjaPNOF6SkMIWAZ6ZI6EOpq2QyLUF7Zha4wiokaoR0lutfRYuNkO%2BX1vLTl5Jr4WvJJRMP7fqNYKoD9GzUoJFTZmyR74vTRscHB3Aqg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1b0dc30b39-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/logo.png
200 OK 20 kB URL HTTP/1.1 money-easilyhia.buzz/assets/logo.png
IP
File type PNG image data, 356 x 287, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d2163e9639434de6d03ae5115f67d62
0e70313507bbd6a18b944d26ab340af0df757222
7db6b714f8a20eab44186b2705cd7a250fb2874281f634965762dd94b7c81d2b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/logo.png HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/png
Content-Length: 19515
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-4c3b"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dox5AzOiPBUIlWu5ED8elt5uIqi3xaEm3iioD8uOrtIj7NBhiIWiespTkDd7Jhh5A31bs7EAJW1qALJk%2BIx%2FWL8iavQpg9lUlLZ%2Fw1a68wO6kKAvEc4vpPpOVUpxiMB08BHPnzxCFA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1aad6fb4f9-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/icon-02.png
200 OK 16 kB URL HTTP/1.1 money-easilyhia.buzz/assets/icon-02.png
IP
File type PNG image data, 250 x 277, 8-bit colormap, non-interlaced\012- data
Hash 82c445709d7c6a242c04cac492268ba5
eaabcf235aa528d1b5abfe37dd769c6716999da8
cc24ad6710369019dbe636dfb79b403b49b0bca03f3dafc1d7a087ed97380ead
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/icon-02.png HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/png
Content-Length: 16354
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-3fe2"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqO7X5cPGRHtXpDil6js%2BAn4pIYXrIdHKI8NpTpHNRO1Nx42f5HMujvuEIvKnEi%2BH3eg8npzZkfQROLRi%2BSoakmUUWuuKd3qQJR2Ma%2BwVOuwRoqhY5NZPlnEyp0zZ57Q%2BW7wv0fEyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1afccf0b59-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/icon-03.png
200 OK 13 kB URL HTTP/1.1 money-easilyhia.buzz/assets/icon-03.png
IP
File type PNG image data, 342 x 240, 8-bit colormap, non-interlaced\012- data
Hash 0af0181a412eadd39b9d35db6b534731
c8a7c1c6461ffceb12e17022fdfba1dce1ea5481
684200126fabbd319302af54284909e60261f4d90904b0e972d1cd77c9d7a9c2
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/icon-03.png HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/png
Content-Length: 12558
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-310e"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLjiQdg2lGWmLZHGu3MmE9Cz2GZa%2FPGlButo4GekoU2TaayANwX0L41%2BGpEnAfkQkQPmTiRww5pTYuDuez2cJLiUM1zefJBOEBbhC67h0dTFQMnxbIL%2Fr7hKWyc6hjBqNzKZfcUHcA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1b0e33b509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/SJunkie_Payment_3.jpg
200 OK 17 kB URL HTTP/1.1 money-easilyhia.buzz/assets/SJunkie_Payment_3.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=509, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=301], progressive, precision 8, 301x509, components 3\012- data
Hash dc70c0ab87afc96fef3379df310b40c6
3c33560efbf899a2e5adc9fd9c6e4482c3a4f66b
fa9d0eb1ca1f954e47c8b73d531f2f96c86e7e4a657196d159895ca546442b18
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/SJunkie_Payment_3.jpg HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/jpeg
Content-Length: 17118
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-42de"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vP29vNkMaTFNHyy1fkf%2FqwXzV%2B3zO0QWo9J9H7dCkOPtopnRSmLpfxVjmhr1tRnj6PInqevr8oLhvXg%2F7wGCkl1dGYBeiCWJlCyAsUrmNYqeCtGAPe0S%2FqNWHsbgKUnnMUoMXrtaYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1b5e8fb509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/home.png
200 OK 64 kB URL HTTP/1.1 money-easilyhia.buzz/assets/home.png
IP
File type PNG image data, 1000 x 563, 8-bit colormap, non-interlaced\012- data
Hash 91a12b6f4fcb82e9f812e6ef706be0f9
183861bd6196c5a442f2b0b8e79d098a4c535411
b6260bdca58deb46027a76c8395b47d864f38b63a84b2ba0e1d5e186c9f015d4
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/home.png HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/png
Content-Length: 64392
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-fb88"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ytul3r82mMMk3XxEni4FonjeKZ1Pd%2BTaz3Q698uy4W%2FZX%2FJ9E7hycNhkGzK9mdmRNjD5fg9LC0iiaqXn2UlUWlAL6rjTRleTj%2BOFCZz09Tbp2o3A7FSdsosKoYzyJtOfOgYkmdDyaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1abbe30afa-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/SJunkie_Payment_7.jpg
200 OK 19 kB URL HTTP/1.1 money-easilyhia.buzz/assets/SJunkie_Payment_7.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=555, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=321], progressive, precision 8, 321x555, components 3\012- data
Hash 56331043200e645f5fe1a480ba15955d
c1d1b9d2f9dafd7251cec9d734554662c7932493
009c07de69d08c3a66ff6cf1b4d17ff6227456e4ab66897dc7e70beb2bcd8c1b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/SJunkie_Payment_7.jpg HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/jpeg
Content-Length: 19303
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-4b67"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94MN8op%2BkSQZhDVeB1TOldA1jn4zv%2F%2FOiwM2wlguEY1LzFgUr%2BDf0k0EBjYiVirbJ35x7mSPRMCQUnvNGh3to82kh7pAeuU9Z%2F%2B6wGa51kFXRdCL5qHzenGXoSl6LM9bxPjKtmlHGw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1b5ee3b4f9-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/stars-4.5.svg
200 OK 693 B URL HTTP/1.1 money-easilyhia.buzz/assets/stars-4.5.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fafdcb6f5df0e0058545c6f71f9d45b2
103a08f416d83f391d55d324c338b265879ee611
5c70d6c4212e73b73509b06142a6ad29f760e101dfa12c7c0734dfd45ad8b417
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/stars-4.5.svg HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: W/"632acf41-73c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAEuTds8GvesCP408aHxFHkN4xbIQ0u%2BwOFEq7KY3D5OqxV4%2FyC02unx6UhPcqCTxfIn004p88TMC8dRE88oUOHpAzasyZHEiwa5AIqbSGmBhj7Q43o0Ed72H17LkUgWe6PTRV05QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1baf94b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
money-easilyhia.buzz/assets/SJunkie_Payment_4.jpg
200 OK 28 kB URL HTTP/1.1 money-easilyhia.buzz/assets/SJunkie_Payment_4.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=577, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=321], progressive, precision 8, 321x577, components 3\012- data
Hash 9a62211fbd8551e713fc8c71e5768574
4fc9aa7db708976521fae295330a5931e47464e7
6deee19a5e39d986daff963d3a2462a0cee9dca95b550bcac0979f630031b45b
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/SJunkie_Payment_4.jpg HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/jpeg
Content-Length: 28541
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-6f7d"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBGFT8MjR756yVtXVoxr2Ir91JWFEzLDeyWEtM%2FcP63VqXAmX0NyDBHJWIyZi2KX9SABBHC2K8HgNXv%2F%2FfVpH8KdpUajPoEmTgBweQFE8YErdWSrEjN4AbIpwA8m3WcLykwTZmvgTA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1b5e140b39-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 15:41:41 GMT
age: 463
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
money-easilyhia.buzz/assets/trustpilot.svg
200 OK 1.7 kB URL HTTP/1.1 money-easilyhia.buzz/assets/trustpilot.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4177), with no line terminators
Hash 483f3cdd882764c362ef0c26bb3a1d69
d5f98a419cc475be0544a9326c4a24a10d628eb1
a79fc487f090b2a0e956dded9a6be443fabdff5d2c9981da143111e79cb72922
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/trustpilot.svg HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: W/"632acf41-1051"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFAEJ7MUmCtkAxD42V77UWyv38XnDJmootG8dbG2kuav2bUF29uyW8NR4BmFwoihJBjJawMnIvazYhmDnrtRXa6DOm5yHwpcIzPhBlND5XqQ%2FopgvilZF9ptxLKUo%2BRmzY1zuBHyNw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1b9eebb509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://money-easilyhia.buzz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 09:44:08 GMT
expires: Sun, 28 Jan 2024 09:44:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
age: 108316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
money-easilyhia.buzz/assets/sjunkie_way.png
200 OK 79 kB URL HTTP/1.1 money-easilyhia.buzz/assets/sjunkie_way.png
IP
File type PNG image data, 461 x 655, 8-bit/color RGBA, non-interlaced\012- data
Hash bf8a70c4a358d83c51b9ee64d923db2a
7c092ce1b53233000ba92a8138c6ec93166f271a
41f282c48e1b605641ce4a8c042de91c64777c0f3e13501ffc8eefed012f1a43
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/sjunkie_way.png HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/png
Content-Length: 78971
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-1347b"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hp7DCtFvauPgn017swWca5bpXV7WDLn6xh3Y4NDj3QZS%2BLQDNObAbVA4cQ5tPWeAJ7SEMgoPiCb6oczmCu9Q9A7i2cp0W%2B0cpS%2FiUbaQIaHojvL%2FksjrhaOoYPUiAzdJTa2Wh5G4dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1b9eddb509-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 15:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
money-easilyhia.buzz/assets/fonts/Feather.ttf?sdxovp
200 OK 65 kB URL HTTP/1.1 money-easilyhia.buzz/assets/fonts/Feather.ttf?sdxovp
IP
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, Feather \012- data
Hash fe1594343a6aed9427c646993d06ea9c
18d0455f25678b44731eac73dc8654df1d2c314e
e103929dd758126ea4a090ff0e33b620f3ceb1b81ffad1345023c95661c84d8c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/fonts/Feather.ttf?sdxovp HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/assets/feature-s.css?88888888
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/octet-stream
Content-Length: 65112
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-fe58"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykDhWbBny%2BvuDseLfX2EE0bobYM9urfj5jLAuxHmLfq7UZdsLx8WBcFw20hfPDRHI1O9wr%2B9tyjVzT%2FLG3BJ%2FGXXN0eL3%2FZZGwGBdFymagLAlSiZFEi8kUY6ugvE29AThV%2FjLFe8Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1be842b4f9-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/fonts/fa-solid-900.woff2
200 OK 154 kB URL HTTP/1.1 money-easilyhia.buzz/assets/fonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 154228, version 769.768\012- data
Size 154 kB (154228 bytes)
Hash 55b416a8df21f9f987aa352f10d1343b
2717f3f58271f2f2e6120d9937c7227002656d34
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://money-easilyhia.buzz/assets/all-x.min.css?88888888
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: font/woff2
Content-Length: 154228
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-25a74"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xt9T7%2FvaYmt%2F8Jt1jMPKbzggj%2Bk4MBxggnWUIKCNZHC%2BECm1uvxBQtMawFGhKq4g7X290WW%2BFcH1px7G17rUxfOcZShPsq5eDaDYQlgw3n6euEAbwjoVUbNwgCEThQmlqOphNZ%2Bp%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1bad050afa-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15530
Expires: Sun, 29 Jan 2023 20:08:14 GMT
Date: Sun, 29 Jan 2023 15:49:24 GMT
Connection: keep-alive
money-easilyhia.buzz/assets/bonus.png
200 OK 298 kB URL HTTP/1.1 money-easilyhia.buzz/assets/bonus.png
IP
File type PNG image data, 900 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 298 kB (298415 bytes)
Hash 04b3b93e1ceca96c6e4ba3bd59c64174
893a2511b243a6c20ce134e11d62e3599345b210
ad2865044a414918424fe1d26cd2f8f82cc6c7233d823c4de12b4535f8d35b66
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/bonus.png HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/png
Content-Length: 298415
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-48daf"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUSuL5Crug6x0L18EVohFUnj%2FQO%2FADbarZE9DrUNf6P1yfAC1wdqrPeYl308d92EBt1AZBQhn24heqbfRcDsbQGPeHoucpc80OSC8fnmkn7SJMXBA%2BDuBW0Zx7GdmJE%2BJZNItor3cg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1b6d280b59-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/fetch.php?act=fetch
200 OK 355 B URL HTTP/1.1 money-easilyhia.buzz/fetch.php?act=fetch
IP
File type JSON data\012- , ASCII text, with very long lines (810), with no line terminators
Hash ce2b419a0feb0f58444519d3e945034d
d55652a1a8e7a911c5ea4793b26cf4c7953f61e9
1b3bcccdf05cc8f53051802e79f681f074ed411a6722147b1793775c74ef62ab
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /fetch.php?act=fetch HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vK2HPtHuirE7oi7uu1JDiRacJjaYwAenBSyT1ivbYWKakKmQc%2BykO%2FMRqhbYXKlstvg5EVGJJuUrpeW1h4Nj%2FgPIr0fepnQ7w1lmve%2FQos%2FTaFH6KKcSaF%2F4YJz4n7KLvPoR114xNg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79131e1c885eb509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/bonus_3.png
200 OK 57 kB URL HTTP/1.1 money-easilyhia.buzz/assets/bonus_3.png
IP
File type PNG image data, 900 x 800, 8-bit colormap, non-interlaced\012- data
Hash 468e062edf16043c313e518667fda914
be97a8e929143c7c606183a6f2c8b9eeee88283a
dfef17acd62edbc98b1b0f5977ac7f3e4738a92bc1b7561fe7452b8f9f3293dd
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/bonus_3.png HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/png
Content-Length: 57266
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-dfb2"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7HWYEjMI%2FxLpqT7Eh%2BaLX3OKs8GGJ1hi0oOAQYRsavcgajGK6cvj25bjn3rbcNbSr0XgFpifPWn4rZ%2ByZ7JxCKNMI7H6DLEZy9n%2Bs9j%2BGysF6PYkk%2BsGE9XHyik5noffR8WUJP%2B8A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1c2fa3b509-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/images/ajax-loader.gif
404 Not Found 109 B URL HTTP/1.1 money-easilyhia.buzz/images/ajax-loader.gif
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /images/ajax-loader.gif HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/assets/slick-theme-s.css?88888888
Cookie: loclang=en; firstreg=1
HTTP/1.1 404 Not Found
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etCug60Rilz7ALJptWkM3Iapj54CX5sy4AdVVF7pGNTZZM%2FtC87a5nuxvjHk9LB1IPg7%2FMIJEXq%2BmxT%2FaQbkByC8IO5GTSY4vd3Xx8XrI0dav8cMd0nZUQbWYDpI1SRx2Nfchg%2Bplg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1cea93b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/bonus_2.png
200 OK 213 kB URL HTTP/1.1 money-easilyhia.buzz/assets/bonus_2.png
IP
File type PNG image data, 900 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 213 kB (213263 bytes)
Hash fec591d2c382a0c51227dd979441c991
f9aa92d1f72401d02daa7c0deaf2f2a3d97c8bd8
63fa7664b03e7acd2c77a5f54580757aab4060965264f381c7eb6e54613ac992
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/bonus_2.png HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/png
Content-Length: 213263
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-3410f"
Expires: Tue, 28 Feb 2023 15:49:24 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMl8AUd2tdm2XzkyFBzh1SK9D5A8pQCfNJ5SlvN1iswKhUS081JW7DuGLpO%2Bq8Aw1hLCd9duf06jjMgN24632HtfU9o5oVeGOeUf8%2FmcziGByV6H8T39Ae8mkkpB5Z7VXiQ20p1iIw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1c1edb0b39-OSL
alt-svc: h2=":443"; ma=60
money-easilyhia.buzz/assets/fonts/slick.woff
200 OK 1.4 kB URL HTTP/1.1 money-easilyhia.buzz/assets/fonts/slick.woff
IP
File type Web Open Font Format, CFF, length 1380, version 1.0\012- data
Hash b7c9e1e479de3b53f1e4e30ebac2403a
af91c12f0f406a4f801aeb3b398768fe41d8f864
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/fonts/slick.woff HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://money-easilyhia.buzz/assets/slick-theme-s.css?88888888
Cookie: loclang=en; firstreg=1
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: font/woff
Content-Length: 1380
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: "632acf41-564"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIYCQnAH8%2BD9F1oUlEKwJOHwP23coGOqX%2FzP42lMR4XLgKeUlC8dMcDPqeUNqikxW4K8EIjCS8okrQUG8BaArbkwXm30J6PrN7%2By%2FIMLbfDpxQPk1hMC2aWf0J2wG4JE%2BNLY%2BiXxTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1cfe5a0afa-OSL
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 8cd7da86d7d5cd24355394e5e4c86016
2e4c38bf91289ab3731b8be01e5fb76537a90d82
60266378a1d4c34b570ae2ec26f56f80471ca1db5f0a6e030a59054cd14a46e5
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 02 Feb 2023 14:41:43 GMT
ETag: "2e4c38bf91289ab3731b8be01e5fb76537a90d82"
Last-Modified: Sun, 29 Jan 2023 14:41:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1039
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1e2edbb515-OSL
money-easilyhia.buzz/assets/favicon.ico
200 OK 2.1 kB URL HTTP/1.1 money-easilyhia.buzz/assets/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Hash 94a425202351ffed86ba3ce74b400f3f
6f252a965dc311636496ebfee97deb77559289d8
9499d770110f9762dcab77728714493571be626ac44c27a8899d74604ba99879
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.buzz domain
GET /assets/favicon.ico HTTP/1.1
Host: money-easilyhia.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Cookie: loclang=en; firstreg=1
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 15:49:24 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:45:53 GMT
ETag: W/"632acf41-25be"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57a8LFAWbh5ERtCxlduWm%2FxheK6I0n6UegQZ6kxQulF95jLxTJQxTXsnzdM2%2FWhBGgWgpSRDfKeixEwpkTmKb73rTnyxxJZ8GN6OqiYa%2FKpQj9BBLhsa%2FJntvizViFAR46%2FhyRLdLA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79131e1e1fb90b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800&display=swap
200 OK 743 B URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800&display=swap
IP
Hash e8c6d00619e0cff89ae7b4b6fa01dc78
2963391aaa75cb2f0ce3b1b6979da0fd8f14aed0
ceffddbb802d05d1bb9e9c6c77f0a38241c6b429d2f2ab7a4432bf09cd238402
GET /css2?family=Inter:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 15:49:24 GMT
date: Sun, 29 Jan 2023 15:49:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?a711c146eb2a9ed4508f24c2f56c85b5
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?a711c146eb2a9ed4508f24c2f56c85b5
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash 78e55ebece410422b9d6c8c5694b1378
fbc4fcaf0a90a681233f4f1a1de949a527454ec8
27e6b16f99e7978d9fc9fcbe923f3c4aba4bb0515fd24a63de81a9fac31edee2
GET /hm.js?a711c146eb2a9ed4508f24c2f56c85b5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11263
Content-Type: application/javascript
Date: Sun, 29 Jan 2023 15:49:25 GMT
Etag: 1de98ec5ca1f7f70c2dc46f35c83c8a2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E392FED9D73AF0EA; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=877423941&si=a711c146eb2a9ed4508f24c2f56c85b5&v=1.3.0&lv=1&sn=63844&r=0&ww=1280&u=http%3A%2F%2Fmoney-easilyhia.buzz%2F&tt=MoneyEasily%20-%20Get%20Paid%20to%20Complete%20Task%20and%20Make%20Money%20Online
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=877423941&si=a711c146eb2a9ed4508f24c2f56c85b5&v=1.3.0&lv=1&sn=63844&r=0&ww=1280&u=http%3A%2F%2Fmoney-easilyhia.buzz%2F&tt=MoneyEasily%20-%20Get%20Paid%20to%20Complete%20Task%20and%20Make%20Money%20Online
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=877423941&si=a711c146eb2a9ed4508f24c2f56c85b5&v=1.3.0&lv=1&sn=63844&r=0&ww=1280&u=http%3A%2F%2Fmoney-easilyhia.buzz%2F&tt=MoneyEasily%20-%20Get%20Paid%20to%20Complete%20Task%20and%20Make%20Money%20Online HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://money-easilyhia.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 29 Jan 2023 15:49:26 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=18762A5B318E9142; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5435
Expires: Sun, 29 Jan 2023 17:20:01 GMT
Date: Sun, 29 Jan 2023 15:49:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5435
Expires: Sun, 29 Jan 2023 17:20:01 GMT
Date: Sun, 29 Jan 2023 15:49:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5435
Expires: Sun, 29 Jan 2023 17:20:01 GMT
Date: Sun, 29 Jan 2023 15:49:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5435
Expires: Sun, 29 Jan 2023 17:20:01 GMT
Date: Sun, 29 Jan 2023 15:49:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5435
Expires: Sun, 29 Jan 2023 17:20:01 GMT
Date: Sun, 29 Jan 2023 15:49:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 68590
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 42491
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:56:46 GMT
age: 64360
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: a13a8181-5783-42c1-9fda-1fcf8db4f0f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVpetFv-oAMF_Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d222c4-68165b34525ca2a054f0b505;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 06:50:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rJbdYq3bZDatEVvC83VR5WiWOFwNwVZEB16ez21KdnQJJrgJ-yKPCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 14:55:48 GMT
age: 3218
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5ed99a9aed6f367efc5c9498ce87ff1
3123eb6f550c51fe17fc62eff943b3739e239a9b
536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFOD7H-NIAMFcxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SORDxKQP-GudaCfRIbrmexyEeJXBExRipfF8sPHI-UkaYhR_RkDjvQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:55:27 GMT
age: 53639
etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 21c734f0-cd73-4691-812e-7cd3908f8f89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRbH4HtPIAMFUGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d07232-291e20fb41c53db7664d04b2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j2zDtHz3pZLHJKG3-PaITyUzHOQBEELzuDIt7sbB8X_B10OxG394tg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 06:49:29 GMT
age: 32397
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
188.114.96.1
35.241.9.150
23.36.77.32
104.18.20.226
103.235.46.191