Overview

URL ckk.ai/DDqyXJdt
IP104.21.83.50
ASNCLOUDFLARENET
Location
Report completed2022-09-11 05:26:08 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-11 2 upgulpinon.com/27/55dfd372293146a7ca113106d0d608dd Malware
2022-09-11 2 upgulpinon.com/1?z=5324394 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-11 2 trustbummler.com Sinkholed
2022-09-10 2 belickitungchan.com Sinkholed
2022-09-11 2 punoocke.com Sinkholed
2022-09-11 2 punoocke.com Sinkholed
2022-09-10 2 belickitungchan.com Sinkholed
2022-09-10 2 belickitungchan.com Sinkholed
2022-09-10 2 belickitungchan.com Sinkholed
2022-09-10 2 belickitungchan.com Sinkholed
2022-09-11 2 punoocke.com Sinkholed
2022-09-11 2 punoocke.com Sinkholed


Files

No files detected



Passive DNS (31)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (14) 344 2020-12-02 08:52:13 UTC 2022-09-11 04:30:20 UTC 23.33.119.27
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-11 04:55:37 UTC 54.187.160.31
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-10 04:47:02 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS mediasama.com (14) 166244 2015-11-22 05:12:08 UTC 2022-09-11 05:00:46 UTC 144.217.67.42
mnemonic passive DNS iclickcdn.com (1) 45415 2020-03-25 19:06:34 UTC 2022-09-11 01:34:15 UTC 104.26.12.118
mnemonic passive DNS ckk.ai (2) 0 2019-04-22 20:44:42 UTC 2022-09-11 03:31:48 UTC 104.21.83.50 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-09-11 04:06:17 UTC 104.18.32.68
mnemonic passive DNS my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-09-11 04:33:22 UTC 139.45.195.8
mnemonic passive DNS www.recaptcha.net (1) 2060 2017-06-22 10:23:09 UTC 2022-09-10 05:06:17 UTC 142.250.74.131
mnemonic passive DNS ajax.googleapis.com (1) 12905 2019-10-15 17:52:08 UTC 2022-09-11 00:12:21 UTC 172.217.21.170
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-10 04:30:10 UTC 34.120.237.76
mnemonic passive DNS punoocke.com (4) 0 2022-05-04 17:25:56 UTC 2022-09-06 23:03:07 UTC 139.45.197.236 Unknown ranking
mnemonic passive DNS ckk.ai (2) 0 2019-04-22 20:44:42 UTC 2022-09-11 03:31:48 UTC 172.67.214.204 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-10 23:54:45 UTC 93.184.220.29
mnemonic passive DNS cdn.uponelectabuzzor.club (1) 0 2022-03-10 06:30:29 UTC 2022-09-10 17:59:16 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-09-10 21:46:55 UTC 104.21.22.169 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-10 04:48:42 UTC 34.117.237.239
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-10 04:57:55 UTC 142.250.74.72
mnemonic passive DNS cdn.itskiddoan.club (2) 24539 2021-09-23 10:55:49 UTC 2022-09-10 17:59:16 UTC 139.45.197.236
mnemonic passive DNS forfrogadiertor.com (3) 179003 2021-08-10 02:57:34 UTC 2022-09-05 19:16:26 UTC 139.45.197.239
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-11 00:21:41 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-11 00:34:13 UTC 143.204.55.27
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-11 04:40:13 UTC 143.204.55.110
mnemonic passive DNS trustbummler.com (1) 0 2022-05-26 23:39:55 UTC 2022-09-10 23:05:11 UTC 142.91.159.133 Unknown ranking
mnemonic passive DNS onmarshtompor.com (1) 24517 2020-10-19 12:36:32 UTC 2022-09-10 20:18:25 UTC 139.45.197.243
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-09-10 04:46:29 UTC 142.250.74.3
mnemonic passive DNS bedrapiona.com (1) 34930 2020-05-08 13:43:48 UTC 2022-09-11 03:19:27 UTC 139.45.197.234
mnemonic passive DNS belickitungchan.com (5) 813914 2021-11-04 02:18:32 UTC 2022-09-10 17:59:28 UTC 139.45.197.239
mnemonic passive DNS upgulpinon.com (8) 83187 2020-06-05 12:59:18 UTC 2022-09-11 01:11:29 UTC 139.45.197.242
mnemonic passive DNS offerimage.com (2) 304078 2019-06-10 11:11:53 UTC 2022-09-10 21:46:55 UTC 104.22.33.172
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-10 04:46:45 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.83.50

Date UQ / IDS / BL URL IP
2022-11-27 15:48:05 +0000
0 - 0 - 11 ckk.ai/nebeefe 104.21.83.50
2022-11-27 04:28:36 +0000
0 - 0 - 10 ckk.ai/rj3oFb 104.21.83.50
2022-11-21 09:01:49 +0000
0 - 0 - 9 ckk.ai/dAO33 104.21.83.50
2022-11-20 14:31:03 +0000
0 - 0 - 7 ckk.ai/Vi2eyGx 104.21.83.50
2022-11-19 14:36:36 +0000
0 - 0 - 9 ckk.ai/Myroom120 104.21.83.50

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-27 15:48:20 +0000
0 - 0 - 3 uop.stravaganz.com/rc/d967a20b58 172.67.198.198
2022-11-27 15:48:05 +0000
0 - 0 - 11 ckk.ai/nebeefe 104.21.83.50
2022-11-27 15:47:39 +0000
0 - 0 - 1 iaduubeipicarrrfprsjjoumaecpoucf.pw/ 104.21.54.124
2022-11-27 15:46:51 +0000
0 - 0 - 12 exee.app/o1cC 104.21.48.127
2022-11-27 15:45:25 +0000
0 - 0 - 2 tinyurl4.ru/a657299612 172.67.194.142

Last 5 reports on domain: ckk.ai

Date UQ / IDS / BL URL IP
2022-11-27 15:48:05 +0000
0 - 0 - 11 ckk.ai/nebeefe 104.21.83.50
2022-11-27 04:28:36 +0000
0 - 0 - 10 ckk.ai/rj3oFb 104.21.83.50
2022-11-26 20:38:23 +0000
0 - 0 - 7 ckk.ai/m4Yau42qj 172.67.214.204
2022-11-21 09:01:49 +0000
0 - 0 - 9 ckk.ai/dAO33 104.21.83.50
2022-11-20 14:31:03 +0000
0 - 0 - 7 ckk.ai/Vi2eyGx 104.21.83.50

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-27 12:32:59 +0000
0 - 0 - 7 tushlar.ru/axlat-tushda/ 87.236.16.24
2022-11-23 18:48:13 +0000
0 - 0 - 30 souqsky.net/lK7Z 104.21.78.206
2022-10-07 22:57:39 +0000
0 - 0 - 10 souqsky.net/i166 104.21.78.206
2022-09-13 05:24:52 +0000
0 - 0 - 11 ckk.ai/VXEm8 104.21.83.50
2022-09-12 18:14:28 +0000
0 - 0 - 9 ier.ai/Jk2uKZ 172.67.189.117


JavaScript

Executed Scripts (25)


Executed Evals (1)

#1 JavaScript::Eval (size: 9, repeated: 1) - SHA256: 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351

                                        debugger;
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 7, repeated: 1) - SHA256: 2f26233595d165e6868c5bb9e5e835506039e72c61a36a1bafb0827abfe746a5

                                        Firefox
                                    


HTTP Transactions (89)


Request Response
                                        
                                            GET /DDqyXJdt HTTP/1.1 
Host: ckk.ai
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.214.204
HTTP/1.1 301 Moved Permanently
                                        
Date: Sun, 11 Sep 2022 05:25:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 06:25:56 GMT
Location: https://ckk.ai/DDqyXJdt
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HZqIBxbvin4I%2FwI%2BpPf19A0cCWVITX4CgP7tQM81c3TzvGDeXVgppHTYH%2FGYtyyER0Py73LEEBmo0BwKVYztDh4P%2FuoZadiogexsWVOLEmE%2BI0djXrtc74%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748dfc51f9a80b39-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 05:07:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DTexTQsECbnVCgqszdAueh0jenBhNKuHXXdwyCLs0km3wxH_h5WmXA==
Age: 1118


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20016
Expires: Sun, 11 Sep 2022 10:59:32 GMT
Date: Sun, 11 Sep 2022 05:25:56 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HJcShnm0QkBpA_wl6bk1H--mwBaJRhV8jvaTthaQKlSJbLFqJ7F-EQ==
age: 79724
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:56 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 11 Sep 2022 04:56:07 GMT
Expires: Sun, 11 Sep 2022 05:04:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D_6mLkUYIjDtwo5hE0N9tdC_5UyvLyrWvqb9g1O64jsqoqLbCRljKw==
Age: 1789


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3600
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 05:25:57 GMT
Last-Modified: Sun, 11 Sep 2022 04:25:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /DDqyXJdt HTTP/1.1 
Host: ckk.ai
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.21.83.50
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sun, 11 Sep 2022 05:25:57 GMT
set-cookie: AppSession=e5a67b0a13cf2591a24385bb46f20902; path=/; HttpOnly; secure refDDqyXJdt=OWQ3ZDA5NDgzMWIyM2FhMGY4NThhMGVjNmMyMDM4OTA5YTliODdlMjY0ZWQ2OTQyNDU1NzZkOTEwZDBlNDg3OYDPkKjmyK0bfgIeZlkKetNuY2L6fbpswq59jNEE%2F%2BRw; expires=Sun, 11-Sep-2022 05:30:55 GMT; Max-Age=300; path=/; HttpOnly; secure csrfToken=bca83b9d25bce6e7c046f48a949f43a1561affa3814d37ba4ad9c31e639274de14c613defec235c8a41d942ef7fda25370d59925b3153f32f18188afea7f16af; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkYDp9PW6AdtTQBkQEsht8K4ZV8D15ruNsFwizq%2B1YOmpvONq2cgOI3IvFOGMZZH%2BxiFMNX2yYa8tXd2nmGgnxui2xKhD8c2oaEnHWGCd%2FOezDZm8TetULA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748dfc539b9dfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63089), with CRLF, LF line terminators
Size:   109558
Md5:    8ebf87ab3d9f3faca451a2b50e20ced7
Sha1:   9f5136f09a08680e59075f6df5e11530146ae4f0
Sha256: a8f9e4ec1903a81df1eb44189ecfe4ae95eccdaeb1d5ac4ede1fb0ecf949722d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 05:25:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   36644
Md5:    19461ebd69804c2d7f38c0a2af7c9789
Sha1:   52eb37c3654541f05c83db8bd574590a5ad8baaf
Sha256: 3af368c40d6048a1cef5c7d8c56bf31c70ad173eaece10d93e2769a2833bb3b5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "59CC43A489F1C22B36DF11777B04CEB226FA8AA4B2263954950B01B5FC0B1503"
Last-Modified: Sat, 10 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15550
Expires: Sun, 11 Sep 2022 09:45:07 GMT
Date: Sun, 11 Sep 2022 05:25:57 GMT
Connection: keep-alive

                                        
                                            GET /gtag/js?id=UA-113561579-8 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 11 Sep 2022 05:25:57 GMT
expires: Sun, 11 Sep 2022 05:25:57 GMT
cache-control: private, max-age=900
last-modified: Sun, 11 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41924
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1615)
Size:   41924
Md5:    dba1862b4652fc785a36e48e132d7c22
Sha1:   96bde660828c016ba26fdaa92817209d9d34e702
Sha256: e80505efafcca0bc17f3d89708287f3a08af45d17bc4e9629a229a10671bc90e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 05:25:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   51038
Md5:    dc83a74a95e69bc12439d3ea5c262249
Sha1:   95d8c75104ab8cdbe9d644b9c2b6ef461942e72d
Sha256: 0115395c82f7ffd8611ba98d119a3ac4087a24c877cdfe9b80e8fd900d2aa8ca
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1191D0AF8A76E1867837FC51BD40521AD9337140A4F59D412ADC5440661D5A63"
Last-Modified: Sat, 10 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18055
Expires: Sun, 11 Sep 2022 10:26:52 GMT
Date: Sun, 11 Sep 2022 05:25:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C150471BD3F1816159DE8479A12A4BE74D1C35ACD275AE30916F186AF7395BD4"
Last-Modified: Sat, 10 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15532
Expires: Sun, 11 Sep 2022 09:44:49 GMT
Date: Sun, 11 Sep 2022 05:25:57 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iTinB+eWB2uXwlA3ACjmQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.187.160.31
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /sF9gD3QYq5Pjk/jvRsRq2MsPNE=

                                        
                                            GET /tSXyF1oQpqC/14504 HTTP/1.1 
Host: trustbummler.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.91.159.133
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 11 Sep 2022 05:25:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ckk.ai
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Mon, 12-Sep-2022 05:25:57 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Mon, 12-Sep-2022 05:25:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   25
Md5:    d488addc5df5fc9b9ff4135bb4e3a823
Sha1:   6ce56f48e851df4d562b43d3bc1269a504ae83fc
Sha256: d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /42/38?z=5324394 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=f3fc1d952e0d4a548c306c87804c84fb; oaidts=1662873957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 12aa16b0babc766299a6e30c0d53215f
access-control-expose-headers: X-Sc
set-cookie: OAID=f3fc1d952e0d4a548c306c87804c84fb; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C26F4B84732DF6359F7CAA0227F99100EDAAF5FFA0F2A4A267D5931AAF7C2B9F"
Last-Modified: Sat, 10 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3069
Expires: Sun, 11 Sep 2022 06:17:06 GMT
Date: Sun, 11 Sep 2022 05:25:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 05:25:57 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=391762,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748dfc5bcd890b45-OSL

                                        
                                            GET /gid.js HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
content-length: 65
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    88a9ee0f50e7de91372b218e112b4404
Sha1:   37961630d79b78754b8523689c99a6d22eac8d96
Sha256: 52a24f7935b8a0a0f4bf417e1f784f320d6722e6f65b94eb64a0c28f0316d985
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 05:25:57 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 03:02:17 GMT
Expires: Fri, 16 Sep 2022 03:02:16 GMT
Etag: "7e3edc42b5335cdc558d694b3fd5a610532fa66d"
Cache-Control: max-age=422778,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748dfc5b19dc1bfe-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7141212B147E753B73ED80DDE317941BD35EF26637700918BC36CE22E08109FF"
Last-Modified: Fri, 09 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3089
Expires: Sun, 11 Sep 2022 06:17:26 GMT
Date: Sun, 11 Sep 2022 05:25:57 GMT
Connection: keep-alive

                                        
                                            OPTIONS /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "19DFD3BD4746B5E6E431D257A3450730A066EFDC64EEF4387CFAF425DF6E9A78"
Last-Modified: Fri, 09 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10143
Expires: Sun, 11 Sep 2022 08:15:01 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

                                        
                                            GET /1?z=5251403 HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 404 Not Found
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a81f391f4226c788a6c09e8f8de224cd
access-control-expose-headers: X-Sc
x-sc: 4KdnrdofxFOHMlcU
set-cookie: scm=1; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    3b66fb7a307f3ca29bd59b2f354055bd
Sha1:   d6ae6ccb37eb272d94d4a5191fa50372f4d06bba
Sha256: de68e8f959bc131328db7581860711517d6ae1eb03aa047043dc7f826906e5a4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1CCE2CCE3F4A823B6572C28B329E30E3CE1184DE5E42275924E94FC42C1302D8"
Last-Modified: Sat, 10 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19952
Expires: Sun, 11 Sep 2022 10:58:30 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

                                        
                                            GET /27/55dfd372293146a7ca113106d0d608dd HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=f3fc1d952e0d4a548c306c87804c84fb; oaidts=1662873957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Wed, 07 Sep 2022 05:02:06 GMT
expires: Wed, 07 Oct 2082 05:02:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   131662
Md5:    f7a54a982ae80ac6c12003a14d78a5a0
Sha1:   8764bcf437ff925fae9178c23222ac160f48148c
Sha256: 927dce498fbf78cf3648042fae2784d98a3275213f6fc302579fb904c0611461

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /5/3491150/?oo=1&js_build=iclick-v1.425.0 HTTP/1.1 
Host: bedrapiona.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.234
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
x-trace-id: 015a39c4a9f206451f606d104ecbefcf
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=468bcbcac9614948b0cb094dbbb9dba5; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2742), with no line terminators
Size:   1304
Md5:    0858c8d880fdaf0e6abcf8b3786610a7
Sha1:   622fdd86edabc5f4bebd3c0cb49feada0ebfcfa5
Sha256: 0998e04a8bc162320e36bb7f4067a037ffab0a25170d71748ed7c0235bdc1180
                                        
                                            GET /11?rnd=2731121218&z=5324394&b=14170811&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=315 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=269f7bf030b74658a67bff176b2ef6a3; oaidts=1662873957
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 13b27a718acead461b6129fb10aeedbc
access-control-expose-headers: X-Sc
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /121?rnd=103024011&z=5324394&b=14170811&c=5908031&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&bag=YpQguAWl53i6aOlyjZ6GNFFcjsDW3IgL&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=269f7bf030b74658a67bff176b2ef6a3; oaidts=1662873957
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-length: 0
location: https://mediasama.com/starharem/01/s/index_rt.html
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a4fd91986609cb33be32b13a8d80c048
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "276BA4CE07448C372B9A831507C754DD93A04C61DDCC7D327CC3A49651769F1F"
Last-Modified: Thu, 08 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18697
Expires: Sun, 11 Sep 2022 10:37:35 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

                                        
                                            GET /11?rnd=2731121218&z=5324394&b=14170811&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=TdMFOclU7K9cAt6MwM0PVrS21LsVJQ1LRNLM0j89E1Z1Gx_0UeaAMEUetucwdnnUZYIXO5JRJNavdU-Neny-k5XDY1gCmBFpReWZNzLQiI3lQoS1-_AK48NgnwMrw7-fZv-Qo1Gmdl3rE-_kJGrIdTXTIFFi5ZmuCF6-qrIXZoLzZw6UG9vzeyAxvFQE5N61CS7LkizlG3iWqq2SP904eiFFgD6HssEQAd1Bx2ALW0G4vIYnzmM2TC1n9slZLdZBLuGMy2Nh2XFIpb-h4eN20FzgTVnSAdk3ONXpisvgrLnco_-9O_whSrTJREmgGTOEVtjmJ2swNMDQKI-TPFFyx3_Q5NrTN1MrSYN6ftDq4cXvgis_1UPT-YHQArnmfo32qWm1C75Cx2fm_-GWMVEaqxMRi950Rx0fmBTzUDsdRTUONaCWRtNV1iABFz2_cAixPdg7GSNpazAXDieiJnLSokK3lq5kcGQiuD8CsilwWQKcLUebWGZe2Ed4ZO3MJV_kERfCLap7GDMfkJrvFuhdBkfVXJcIIeeaToVY0thcBV6-jwFRn_PXxhB5it89fUafasXqQA-8EmoJ_hqHxLRxuEsK58ur3HggB7eUcDVbzPLlQZ5Zuo-6t8GPHT97O78cVUzoW9br6CnJQ56E70fsduvZ3FlLz0ABrvc2OA5ERFsqHlJrzhoxQ7ObkJa_kiwHpk3q1NAVHwXcQIFs&ruid=310f9611-11ee-4418-b905-1ce6b367bc3c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=269f7bf030b74658a67bff176b2ef6a3; oaidts=1662873957
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 12dfede90b5874e86449a3a0cd295977
access-control-expose-headers: X-Sc
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None oaidvc=1; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None CNT=1_v1_uzrYAAEAAAAuS_8A; expires=Sun, 11 Sep 2022 06:25:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 05:25:58 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 12:52:23 GMT
Expires: Thu, 15 Sep 2022 12:52:22 GMT
Etag: "e4b0ac57e7c2d6d00e508cd99231b0f8d58942af"
Cache-Control: max-age=371783,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748dfc5f5c0f1bfe-OSL

                                        
                                            GET /apu.php?zoneid=5225632 HTTP/1.1 
Host: cdn.itskiddoan.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
x-trace-id: f10b9664afb539cd2d10fb3afb6a753c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9ab7dddda8f34ed8b34cbb855ee220b8; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   30615
Md5:    94a980773b952660d3c90c083543b473
Sha1:   fb0fda0264e57788d891b642033cc829370aa4b7
Sha256: eae52059099002b216103d980ad46819ae2f07624bc981ca9cbc8797a5b13e51
                                        
                                            GET /401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1 
Host: belickitungchan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=5aade69874ba43c2957e09b92340edbd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
x-trace-id: 605a39a84908a2e69066a520d88914ba
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1067
Md5:    fb4fd92fa85ddfaeb02fe780f5586b25
Sha1:   a97b497c562e6fdd36fd71609dd446f2e6ff8b85
Sha256: edc80132e2062dcd04324be7da51116043dcaee561f3341a89216a58312258bf

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /www/images/e737027d1376f9277c99e68048d441cc.png HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.33.172
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 05:25:58 GMT
content-length: 49738
last-modified: Thu, 10 Dec 2020 12:34:30 GMT
etag: "5fd215d6-c24a"
expires: Sun, 11 Sep 2022 07:06:09 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 80389
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748dfc602b7d9938-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   49738
Md5:    e737027d1376f9277c99e68048d441cc
Sha1:   d102eda710502202134c74eaa576c6e8a76a23a3
Sha256: a83162955bfc853f1d09d18a704fbe8400169a71e6f2e212b65c146d766bf6bc
                                        
                                            GET /401/5292343 HTTP/1.1 
Host: punoocke.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
x-trace-id: 06e6ecf49285c7a3d1a608e70f271e2c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=70a84b62e490493eba73ac985334e547; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   45357
Md5:    bfe6ef5533f490f49e527f12dc953b6c
Sha1:   887e5003a5552a9294db50ce002ccc54452b9990
Sha256: 1849fa518e3e4c086e7248409d9673fdf6b0c4ca72679f9c09c9060aa8e5abc1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1 
Host: punoocke.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=70a84b62e490493eba73ac985334e547
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
x-trace-id: dd1a6611be5870625f56bd2f4cbe359e
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2052)
Size:   20787
Md5:    61540a7fa58afd74979b70ca92ca2adb
Sha1:   34b920505e508172065f826bd829db13c8a54914
Sha256: 37df61685e5fae6a3bf5d27d1a9cebb68cd582d9d56e46d87cdfeb752a92eff6

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 05:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1 
Host: www.recaptcha.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.131
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Sun, 11 Sep 2022 05:25:58 GMT
date: Sun, 11 Sep 2022 05:25:58 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 589
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (921), with no line terminators
Size:   589
Md5:    ccc21d0d49199fd4bd9459478d13cb73
Sha1:   133ae31908d06b58ddd61e1db51c277fd4cba47a
Sha256: 208faf9933968aa2e7d8ef5b5080d54e87d06c08c70824487213b0785fc8e0b6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "72091528600D4A22313AF10AF5ADC9B58F612F12232F7D83F905021EAB0A05FF"
Last-Modified: Fri, 09 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=920
Expires: Sun, 11 Sep 2022 05:41:18 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 05:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 05:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157166
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:23:20 GMT
expires: Wed, 06 Sep 2023 17:23:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
age: 388958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (539)
Size:   157166
Md5:    026df0dfed2314af108e700900288961
Sha1:   51c2a55bca7d65c549ef138d1294cac2aa98dd96
Sha256: 24eefc59f5d298ce40bdd33c8157ad14631984159fca8e5980037366c44c2b34
                                        
                                            GET /apu.php?zoneid=5225632 HTTP/1.1 
Host: cdn.itskiddoan.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=9ab7dddda8f34ed8b34cbb855ee220b8; oaidts=1662873957
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
x-trace-id: 5e4fc36887e2225755ce06871f774047
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9ab7dddda8f34ed8b34cbb855ee220b8; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   29356
Md5:    36273dc9bad88244f15c3407acc6c1da
Sha1:   62a06e6d89cd4e9694b6bc20d4c96f00487376db
Sha256: 2b8d15c7e6e672e5e937b1aacfa2e843b10f16681a84972663ff927de8f27481
                                        
                                            GET /starharem/01/s/index_rt.html HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sun, 11 Sep 2022 05:25:58 GMT
Server: Apache
Last-Modified: Wed, 20 Jul 2022 09:11:51 GMT
ETag: "17a0-5e438fdce23c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1525


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1525
Md5:    30597b59f3cb1eadf603fcfb21952340
Sha1:   baca3a552764959edd4fc56947acc9a4f33822de
Sha256: 6ac92da5b37d94c53f231a18bb88be006ae20f1724a63151a97ed918d86cb25d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 05:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.170
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 05:04:26 GMT
expires: Sat, 09 Sep 2023 05:04:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 174092
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30399
Md5:    0f83cadc148d2ad7e53c91f6c4ee05bb
Sha1:   90035c5fffedf4b0f099465f6b929a030b46c92b
Sha256: 3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17296
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

                                        
                                            OPTIONS /500/5292343?excludes=&oaid=269f7bf030b74658a67bff176b2ef6a3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: belickitungchan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17296
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17296
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17296
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 05:25:58 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7017
x-amzn-requestid: df5e57d7-e54c-4b5a-aa1b-a9aee889842e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_Et0oAMFSjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-50d15bba03579a935342e22f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LsqH-LbjMGWrhYB93Qkvq2qVhqNs-3MWgrrOFzC8qPcY3fF5ujSD_g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:54:44 GMT
age: 27074
etag: "c893d7475856809a59486e0bcebd6d662d1fc56f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7017
Md5:    fea5dfc4a6a5093fd81899ee4a79d446
Sha1:   c893d7475856809a59486e0bcebd6d662d1fc56f
Sha256: 915fb97690be97d97cb298fc60ceb4cf7c3ed8fb437836beb2d590a8e238363c
                                        
                                            GET /starharem/01/s/styles.css HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 11 Sep 2022 05:25:58 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:29 GMT
ETag: "2638-5dc0be6400e82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2406


--- Additional Info ---
Magic:  ASCII text, with very long lines (420)
Size:   2406
Md5:    8e7117f5f47cb6cde0a8e8eb38b16dbb
Sha1:   617fd3f0d3f420ee1967a20fb0b0af4ac34eca03
Sha256: 794f8aa66b6afcf9b7d9bfe5952860436dcfee6bf82e4368af6bc838ce89be98
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc91b46a1-040b-46aa-a7a1-af67f0058b83.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7519
x-amzn-requestid: 8d8a8df6-abf5-45dd-8d78-de5ae715a9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE_UNEoWoAMFRLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631845b4-0101ca7a09e432f305aa7066;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:18:12 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Z0Z4IozbbythqWA7mNaqtO4NWbLi1zL2G6HmMGP0c9VqIzMugvVh_Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 00:00:49 GMT
age: 19509
etag: "b3491a6f12c97c8e1848a206a185fae29213c1e5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7519
Md5:    bb1a86dcf94db0a29a6ebe21866766d4
Sha1:   b3491a6f12c97c8e1848a206a185fae29213c1e5
Sha256: d05619e519fed6c0b6c0616cf540908006a68f127b25e38fb9d041dfe2546df4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6269
x-amzn-requestid: 8f3cabdd-78c3-47d2-841b-02b674a79123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FSCoAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-4b44c935456026ba700a5759;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cde3-P7vxpXDy-IwW-FDBju-dTmUGqfBlf5mRVDGg3yOCofj-Cxq7A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:53:39 GMT
age: 27139
etag: "0c0c1f84d8693d0c150c97faed21204622d48132"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6269
Md5:    47ae5cf125ce99bad80c283de8a85cec
Sha1:   0c0c1f84d8693d0c150c97faed21204622d48132
Sha256: 95f5b8cddbfcdb2b6105ed5a0d5ff0dd86390839e5df7416d4f879d69fcf20c1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8092dc3d-1f2d-4e22-b40a-bf1c53ea42e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10298
x-amzn-requestid: f2e2d57b-1f6f-401a-bf0d-ca5c05dd5e59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-nmHBKIAMFrZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184496-52d1369463143fc94894e347;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:13:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PRnDEhi5jnNROYiVXzfn4b_vf-OHnwO5RD38I1bLV8JEJb2gDYrqvg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:34 GMT
age: 27924
etag: "a9f77626875d68e1aea2516f78d491eba9969e37"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10298
Md5:    99bd16c51d8e4853d6ee542d2ec9fb22
Sha1:   a9f77626875d68e1aea2516f78d491eba9969e37
Sha256: b360c3c9fa12dc4f57fdbfc88fe820ecee1c049f2d43f44cd38b740513d8e9f8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mNvNO0HJjZ1zwPKcjfqiVOnCL0CYXc8BPDSFbV6MXVW71IVt-2K3mQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:54 GMT
age: 27544
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6889
Md5:    57d797a1c3f6589746a1135bdb19f54f
Sha1:   7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
Sha256: ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16983
x-amzn-requestid: adf7a560-2f6c-41ba-97b2-860515511e5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YH-CxFp-oAMF9yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631976de-5f4efe0a705012957cf8bbd4;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 05:00:14 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: uoEqiA2HIn5Nbw3RBIqKrCguG-0mLFNBtkB-r3RMitCoJE3fX6wq4w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 05:31:56 GMT
age: 86042
etag: "5ce0bc5b075b97639453d67d4f3cea61289b7698"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16983
Md5:    4c65d6ae04a64d9d01439fb4fca3f017
Sha1:   5ce0bc5b075b97639453d67d4f3cea61289b7698
Sha256: eb48687a5974542d11882f854a86ff083528957b0fbc61c797167d8f04e0ffa9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 05:25:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /www/images/3d08aacb36c7474e0d13b60f8f4adc14.png HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.22.33.172
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 05:25:59 GMT
content-length: 66121
last-modified: Mon, 12 Oct 2020 05:50:58 GMT
etag: "5f83eec2-10249"
expires: Sun, 11 Sep 2022 12:30:54 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 60905
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748dfc63de889938-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   66121
Md5:    3d08aacb36c7474e0d13b60f8f4adc14
Sha1:   e4af2de372b5e3a2211579a5973ef7ed160e7be4
Sha256: 54b0569cf052e12dd373e86031009d0a54a893275a21c2ef863277a9a978ab1c
                                        
                                            GET /starharem/01/s/js/main.js HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:50 GMT
ETag: "516-5dc0be78000b5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 549


--- Additional Info ---
Magic:  ASCII text
Size:   549
Md5:    d8fa8e233a4db9fbce0c20d9a57a06fe
Sha1:   2366b2969771aa164bfdca6b5baf916806f6758a
Sha256: f496e19ead804367daa801860cd95a7ec6854965a7c5cf2c49dda71532c19932
                                        
                                            GET /s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediasama.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 07:02:10 GMT
expires: Fri, 08 Sep 2023 07:02:10 GMT
cache-control: public, max-age=31536000
age: 253429
last-modified: Tue, 19 Apr 2022 18:58:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17360, version 1.0\012- data
Size:   17360
Md5:    70322c317b1f4e2e17dbc6b672f95f5f
Sha1:   f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
Sha256: 3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a
                                        
                                            GET /tag.min.js HTTP/1.1 
Host: iclickcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.12.118
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Sun, 11 Sep 2022 05:25:57 GMT
x-trace-id: 2dfb7a2813045b5f3695c0481b6b899b
cache-control: max-age=86400
last-modified: Thu, 08 Sep 2022 14:32:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 12 Sep 2022 00:09:06 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 19011
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8vg4235IyKuZXv0BY2QS082P%2B3HPIFCTkSk1KTeOOwLOniGnnO975cKeno6P6S6tE1%2B51C%2BBNYVd0pcfiNJEVPkRW5M6CoFNbOi2ZaHr9XR1yWzH9pUVPHGOI45Dy4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748dfc59ec84b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   106676
Md5:    bc7377859f7cb8e50a150eacc4cb07af
Sha1:   d890cf551feeb3ec5a6e0c3f16af120de2bb3972
Sha256: be8d72f513adfc1c71e6138b92d8b49f905f96074541e6cd367f8ae1bac5572b
                                        
                                            GET /500/5292343?excludes=&oaid=269f7bf030b74658a67bff176b2ef6a3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: belickitungchan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=269f7bf030b74658a67bff176b2ef6a3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
x-trace-id: 08ed3da4fddc1306b37b88896b93dce3
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   21462
Md5:    e42d29cd99a02ca3275af4c37331be43
Sha1:   7896cb6b2d0ae9811e403f6d45d5b77db313677e
Sha256: a74aa789138eaa2b5a473c1f0bf23c2e360917fe67014f0843cdb79541456815

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /starharem/01/s/img/1.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "60f29-5dc622dfac0e8"
Accept-Ranges: bytes
Content-Length: 397097


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size:   397097
Md5:    43c140ec16ce96d582782ea93eeaa4fe
Sha1:   3390bf8e8708620fc0a851455e4729cb4f0248a2
Sha256: 3e176a04debe08dd522e7f0fbc9f7530880a92fb9845afd7391bbaa764a4ad55
                                        
                                            GET /starharem/01/s/img/2.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5a257-5dc622e1424eb"
Accept-Ranges: bytes
Content-Length: 369239


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size:   369239
Md5:    b7d3bd4ae3d5f8477e040e6410517866
Sha1:   2b255c9583c47e5da4069d9c055d3430a0c1e03a
Sha256: 7bb68d5a9a92a500956397e156beb117a0ef605b6747800cacf9c9440b6fc7e4
                                        
                                            GET /starharem/01/s/img/7.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:45 GMT
ETag: "4fb99-5dc622e5033f2"
Accept-Ranges: bytes
Content-Length: 326553


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size:   326553
Md5:    c67c9fb0268eea7d188c4c9bc54a0bf4
Sha1:   216b83374ba6f011041b31dd381f22e99ea7a8c1
Sha256: 95ae6eba3fad2ff05cadc95b27fc79a198a9e873371ab5fb7bb97c1661cd4654
                                        
                                            GET /starharem/01/s/img/9.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "536a9-5dc622e6fb276"
Accept-Ranges: bytes
Content-Length: 341673


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size:   341673
Md5:    a3a888cf217de9be2aa727dd1cc64757
Sha1:   b7bd361dfdceecfc5775d0ed32e5798abd271d5e
Sha256: 2fd4025336ad8a5edd704651a216cf6b9739089ad1c204bd1ea8e114d11770b9
                                        
                                            GET /starharem/01/s/img/8.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "a6842-5dc622e757ed6"
Accept-Ranges: bytes
Content-Length: 682050


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-3584, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 211035008.000000\012- data
Size:   682050
Md5:    cedcd46e956dee6a28f87198962b0477
Sha1:   7b38f1de654971e436983fb6a34a71540ba526c9
Sha256: 08c08ef6f1ed9da65259719bbcc97e9aec700d3b486a9f0a741cb5800be34db5
                                        
                                            GET /starharem/01/s/img/6.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:44 GMT
ETag: "3fcf4-5dc622e471bd1"
Accept-Ranges: bytes
Content-Length: 261364


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size:   261364
Md5:    4b7cf78d93f3f009f850bedb6829d7f6
Sha1:   cc55cad898df47a2f089946aee9398fea7fa2ae6
Sha256: 44d0a6f8e7f7fe0354c05417445137070431686d671c51e9f3d3869867f2448f
                                        
                                            GET /starharem/01/s/img/3.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5b977-5dc622e17edac"
Accept-Ranges: bytes
Content-Length: 375159


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size:   375159
Md5:    84c5f704120f28ad7bcde2ebab7442a0
Sha1:   fd2745300ba7ad59ff8044c7e9f76b1326ddd120
Sha256: 6227de9cf2198a85639d3808c134b85dc1e6a5ee5ee5709189c5e58d1b91b7c2
                                        
                                            GET /starharem/01/s/img/4.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "4f746-5dc622e2da82e"
Accept-Ranges: bytes
Content-Length: 325446


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size:   325446
Md5:    ec18d276822ab5772f3458da7dbedfbc
Sha1:   f7a38f944aaba3e6b848f496bf4b8fee50b58161
Sha256: da6b7082767f0ddffbec031c7f84b859c7a1f20624445bb26aa93895b75d7c09
                                        
                                            GET /starharem/01/s/img/10.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "39dae-5dc622df755e8"
Accept-Ranges: bytes
Content-Length: 236974


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size:   236974
Md5:    e0046cc1f34ff0701ec4874a0a8c5d43
Sha1:   c6a46db14dfc50d67307a9855f4dd2688d576a01
Sha256: 8589d73053f4bb258d888488403564bdcc94fb2d87c7388f943bf06fb85865a1
                                        
                                            GET /starharem/01/s/img/5.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 11 Sep 2022 05:25:59 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "70a64-5dc622e35f52f"
Accept-Ranges: bytes
Content-Length: 461412


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size:   461412
Md5:    42ad3cffde2e4081df94ded8a30a1dc5
Sha1:   7b064f0fcb96e5b5c498c0c03bcbb9ab15e999b0
Sha256: be788428faee6157125228734e5510d4f49212766eff23a1a1b178e456f153d1
                                        
                                            GET /starharem/01/s/img/11.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 11 Sep 2022 05:26:00 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 09:18:06 GMT
ETag: "62534-5dc5d6c134c3d"
Accept-Ranges: bytes
Content-Length: 402740


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   402740
Md5:    c10654a068f849e614885c983ac9ab02
Sha1:   8d69da78045560f1c2de7bafc47b2c8a12e86424
Sha256: 3a864743d27da3ef1cea10d293532f84f9d564a98b34afef2a8f4b380472dfc2
                                        
                                            GET /impression/eS_FVFVCxxkEf_qGkUfWigiTrJT2djHw0BNgFfCupjOC9suaUwiQjAi6enihrcWpfJ4cAUy8B3Uiyq1T0ZUXKjgXpUTkr2Rk5XctZBnaBFNe1b74L54JovNF1sRtpemzoK-3yE66f9RSFrTqGZe7P2IX6hUG0vf-fXWQVfWKAsO2u2Tm38A5Iy-y-tf0VT1TI-iMQi6ISS26OOzWTZWUYEaZbqkXEhXaCRThq9lHK9O0Wnet6seAEBOObjzSJR0ToMJOu-FCllqmxL59z4v0yqr1OooI7mZ8i0EXfSguISu7ojUcihXjGHcVDZyxzfQT5B9mS10luTdYyWl3tPazoNStae5X7DQjsSLE8G-znsNfITQ65MiP_tZ4RHzhiP-3O8QfeLl0wqZIMmTM7WSu8OC-u3g8mkqVAQIf7uik0pLP56q73LdHw4i58VkFIA3t4LfJCRUwvGL25TDhoCB-mCe_lqlj7-4sJZs0MwlI9mGya1lnkBFPDiNcjnNZuUaXFhfBqlBDqVbGhBcPYqyZeLKWWtmWQ8FBU8QsnyzNJzKsJfanOodzzSzxsvfahiDUk4QjPT3Pkccyx8KlFEnkFw==?_z=5292343&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: belickitungchan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=269f7bf030b74658a67bff176b2ef6a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 11 Sep 2022 05:26:02 GMT
content-length: 43
x-trace-id: f5895045d1cb7bc9c413c6f226251e19
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /400/3487732 HTTP/1.1 
Host: forfrogadiertor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
x-trace-id: 91601a1f0704e3fd0538c3018b183159
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=60e74caf956a45b89ad2b32abd92d99d; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /400/5292343 HTTP/1.1 
Host: belickitungchan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
x-trace-id: 83ef19f2b7ff388b3e8e133c1ae3ee39
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5aade69874ba43c2957e09b92340edbd; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /9?z=5324394&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 52
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: scm=1; OAID=f3fc1d952e0d4a548c306c87804c84fb; oaidts=1662873957
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://ckk.ai
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: eb3e082cfc33d642e0fb13823bf87263
access-control-expose-headers: X-Sc
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?rb=ccX6IA78ab2UIeqjbFH1SxYSETJKMdewuVUMiOh0XNwTQn9ZXLZ_7nEg6bpGyIxVaWH8-Pezpzs6OJJuSX2aj7CUw3HPWBI4HZAivdwRhT7NCSaO6sZigQp36MBdK7abX6lYHZxfo7d2-oBAvdCAl7PTPp-Vxdfg_qOfBnpRPkSAenfQ7wdxLRWrD33K3bOqlUfc2luKGyBrUudL&request_ab2=0&zoneid=3491150&js_build=iclick-v1.425.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.425.0&bs=679ab493-2852-48d5-baf3-9597fd7e2ddd&userId=269f7bf030b74658a67bff176b2ef6a3&m=link HTTP/1.1 
Host: onmarshtompor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ckk.ai/
Origin: https://ckk.ai
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.243
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
x-trace-id: 5e2b64153472f99fe94253cb4c324625
access-control-allow-origin: https://ckk.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None oaidts=1662873958; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Sun, 18 Sep 2022 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /500/3487732?excludes=&oaid=269f7bf030b74658a67bff176b2ef6a3&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fckk.ai%2FDDqyXJdt&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: forfrogadiertor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=269f7bf030b74658a67bff176b2ef6a3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
x-trace-id: efdb03e5b547b3b997bd1271460c1e53
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.22.169
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 11 Sep 2022 05:25:58 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BX2YWDgLJDk071bYKMZmzboDJ%2B3faR6lUVvHMyoOg6sViQpuWIv%2FHHYkgTS0tw5aDV%2Fs8sWyg6SJtGUWS%2BfeMRFLWtz2EID%2F9vdbQp1RwCCgvuVatWAL6bmIkYKsQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748dfc5d8920b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /401/5292343 HTTP/1.1 
Host: punoocke.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
x-trace-id: dd697ca28f1859fd7704a182c7bccdee
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=046b5b18d106484ca9a26f0ec2876905; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /1?z=5324394 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ckk.ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.242
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ea30c73a2ff4d49acd7ba732449babcf
access-control-expose-headers: X-Sc
x-sc: NpjWc_Zlp4vwN79polhL7HksvRzYPFk0y2qhfJnJon9x6EMwoMMgBz7PLbJ7tp-ENgIMY_OZ2-9ZlrLk4rMJJTjlTNw=
set-cookie: scm=1; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None OAID=f3fc1d952e0d4a548c306c87804c84fb; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None oaidts=1662873957; expires=Mon, 11 Sep 2023 05:25:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /401/5292343?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1 
Host: punoocke.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=046b5b18d106484ca9a26f0ec2876905
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:58 GMT
x-trace-id: 07559b65bd99b46868a7270392594d83
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 05:25:58 GMT
date: Sun, 11 Sep 2022 05:25:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /400/3487732?oo=1&oaid=269f7bf030b74658a67bff176b2ef6a3 HTTP/1.1 
Host: forfrogadiertor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ckk.ai
Connection: keep-alive
Referer: https://ckk.ai/
Cookie: OAID=60e74caf956a45b89ad2b32abd92d99d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 05:25:57 GMT
x-trace-id: db9d52433b1448c362a0c7ece439ac6b
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://ckk.ai
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=269f7bf030b74658a67bff176b2ef6a3; expires=Mon, 11 Sep 2023 05:25:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---