Overview

URL: 38.242.147.152/
IP: 38.242.147.152 (Turkey)
ASN: #174 COGENT-174
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-12-02 01:27:09 UTC
IDS alerts: 0
Blocklist alerts: 51
urlquery alerts: No alerts detected
Tags: None

Domain Summary (19)

Fully Qualified Domain Name | Rank | First Seen | Last Seen | IP | Comment
www.google-analytics.com (1) | 40 | 2012-10-03 01:04:21 UTC | 2022-12-01 21:18:15 UTC | 142.250.74.110 |
s10.histats.com (1) | 15211 | 2012-05-21 17:14:14 UTC | 2020-03-16 19:44:20 UTC | 46.105.201.240 |
r3.o.lencr.org (12) | 344 | No data | No data | 95.101.11.115 |
ocsp.digicert.com (6) | 86 | 2012-05-21 07:02:23 UTC | 2020-05-02 20:58:10 UTC | 93.184.220.29 |
content-signature-2.cdn.mozilla.net (1) | 1152 | No data | No data | 34.160.144.191 |
38.242.147.152 (52) | 0 | No data | No data | 38.242.147.152 | Unknown ranking
wf.gaurecorah.com (1) | 0 | No data | No data | 23.109.248.177 | Unknown ranking
use.fontawesome.com (2) | 942 | 2018-09-18 10:26:26 UTC | 2020-03-18 00:09:30 UTC | 172.64.133.15 |
contile.services.mozilla.com (1) | 1114 | 2021-05-27 18:32:35 UTC | 2022-12-01 17:12:49 UTC | 34.117.237.239 |
push.services.mozilla.com (1) | 2140 | 2014-10-24 08:27:06 UTC | 2020-05-03 10:09:39 UTC | 54.187.71.185 |
ocsp.pki.goog (5) | 175 | 2018-07-01 06:43:07 UTC | 2020-05-02 20:58:16 UTC | 142.250.74.131 |
www.googletagmanager.com (1) | 75 | 2013-05-22 02:07:37 UTC | 2022-12-01 18:48:44 UTC | 142.250.74.168 |
fonts.googleapis.com (1) | 8877 | 2013-06-10 20:14:26 UTC | 2022-12-01 17:28:41 UTC | 142.250.74.106 |
connect.facebook.net (1) | 139 | 2012-05-22 02:51:28 UTC | 2020-02-17 13:26:09 UTC | 157.240.240.1 |
firefox.settings.services.mozilla.com (2) | 867 | 2020-06-04 20:08:41 UTC | 2022-12-01 17:14:08 UTC | 34.102.187.140 |
img-getpocket.cdn.mozilla.net (7) | 1631 | 2018-06-21 23:36:00 UTC | 2020-02-19 04:43:25 UTC | 34.120.237.76 |
www.facebook.com (1) | 99 | 2012-05-21 00:23:41 UTC | 2021-06-08 06:38:51 UTC | 157.240.240.35 |
s4.histats.com (36) | 12782 | 2012-05-21 17:14:14 UTC | 2022-12-01 19:06:09 UTC | 149.56.240.131 |
stats.g.doubleclick.net (1) | 96 | 2013-06-10 20:21:11 UTC | 2022-12-01 20:40:43 UTC | 108.177.14.157 |

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-02 2 38.242.147.152 Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 38.242.147.152
Date UQ / IDS / BL URL IP
2022-12-02 01:27:09 +0000 0 - 0 - 51 38.242.147.152/ 38.242.147.152


Last 5 reports on ASN: COGENT-174
Date UQ / IDS / BL URL IP
2023-02-07 09:48:50 +0000 3 - 5 - 1 cleanupmetamask.run.place/ 38.79.142.66
2023-02-07 08:52:19 +0000 0 - 4 - 4 promogifting.com/provident-voluptatem/documen (...) 38.63.88.61
2023-02-07 08:23:52 +0000 0 - 13 - 6 weborld.cn/ 38.238.141.72
2023-02-07 03:19:08 +0000 0 - 0 - 23 metamask78.com/app/ 38.45.125.10
2023-02-07 03:07:42 +0000 0 - 2 - 0 www.micromvc.com/index.php 38.48.246.42


Last 1 reports on domain: 38.242.147.152
Date UQ / IDS / BL URL IP
2022-12-02 01:27:09 +0000 0 - 0 - 51 38.242.147.152/ 38.242.147.152


No other reports with similar screenshot

JavaScript

Executed Scripts (17)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (133)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5815
Expires: Fri, 02 Dec 2022 03:03:52 GMT
Date: Fri, 02 Dec 2022 01:26:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3902
Cache-Control: max-age=122957
Date: Fri, 02 Dec 2022 01:26:57 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:36:14 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 01:18:10 GMT
cache-control: public,max-age=3600
age: 527
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3683
Expires: Fri, 02 Dec 2022 02:28:20 GMT
Date: Fri, 02 Dec 2022 01:26:57 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: PU/q0j41GzbqH02guvkhs2pn+2yflcXAVRuBl26TRhvDlxH8GvzauewNxYSg1f8QOOlide3fh+Q=
x-amz-request-id: WC8RD08FXQQYBZNZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 00:45:52 GMT
age: 2465
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 02 Dec 2022 01:26:57 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 01:08:57 GMT
cache-control: public,max-age=3600
age: 1081
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3897
Cache-Control: max-age=117888
Date: Fri, 02 Dec 2022 01:26:58 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:11:46 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7KdzJFgR9v4rPNSDF/rfHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         54.187.71.185
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fhW3czdjRpYFX2mOU3bbaC+Tqbw=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8186
Expires: Fri, 02 Dec 2022 03:43:25 GMT
Date: Fri, 02 Dec 2022 01:26:59 GMT
Connection: keep-alive

                                        
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 65210
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6174
Md5:    b986f9fcbeca91ed5c8d58fbfaf47d19
Sha1:   6e6c8bd2bce144cc4da1cd7be375b046b60dca79
Sha256: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 13088
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7591
Md5:    d147ccb10bda82b153a596c3c967cd6a
Sha1:   ffd0763f997e71a8c1458523fc17cafe8849dfdf
Sha256: 1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 13023
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2942
Md5:    b47431190f34eccf0a6efb98e2a32b7d
Sha1:   9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
Sha256: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 12926
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11402
Md5:    1c80b8025242ddfcc816ec612456b99e
Sha1:   aa944d10fe4a44b790b01ef62edc0f85a6d558e3
Sha256: a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tuKmV_nb4HVbqkhtCnZY3b33VB-bB6UxaBl6HsY_JgWesbUB8SPt-g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:09:38 GMT
age: 11841
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7334
Md5:    498ab4412ed5cf977bc23e4e870894b0
Sha1:   23753fe8af09ec8ffa10eed4d201a71833885c99
Sha256: 036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5967
x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgfFo2IAMF7ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:08 GMT
age: 13011
etag: "795fd611123ebde700aaff1f0dac862f9cad00dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5967
Md5:    4e1372b65928f2addd9d8e44ce63ea0c
Sha1:   795fd611123ebde700aaff1f0dac862f9cad00dc
Sha256: de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad
                                        
                                            GET / HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: shield-notbot-nonce=39857c21e7; expires=Fri, 02-Dec-2022 01:27:13 GMT; Max-Age=15; path=/
Referrer-Policy: unsafe-url
x-frame-options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Link: <http://38.242.147.152/wp-json/>; rel="https://api.w.org/"
X-LiteSpeed-Tag: 24b_HTTP.200,24b_home,24b_URL.6666cd76f96956469e7be39d750cc7d9,24b_F,24b_,24b_MIN.e375317437196eb0ca91f5ddc2764476.css,24b_MIN.95262e9a7c639d50426ec20bbf0b80b3.js
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6039), with CRLF, LF line terminators
Size:   32903
Md5:    37419aca1585b52982445ff685fc532e
Sha1:   fc30c4f78b5bd5041dada7b7cd536f1a20b40a6c
Sha256: 078ee3232393d14e31fd1f5aa06ce7eaa2d0c1bc72b49e568cdb333dcdbb9ca1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Last-Modified: Sun, 20 Nov 2022 06:40:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6379cbde-2f42"
Expires: Fri, 02 Dec 2022 13:27:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (12075), with no line terminators
Size:   5230
Md5:    36065f1d21d70c58cd489400bb39dddd
Sha1:   3accc29dc033fd51d6c838995d91e229b4d79fdf
Sha256: df319e004058f55173509b9faf68b318de8b09ca39382bb0b13c2046d82a4e9a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3931
Cache-Control: max-age=128722
Date: Fri, 02 Dec 2022 01:27:00 GMT
Etag: "638898db-117"
Expires: Sat, 03 Dec 2022 13:12:22 GMT
Last-Modified: Thu, 01 Dec 2022 12:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /wp-content/litespeed/css/e375317437196eb0ca91f5ddc2764476.css?ver=2813f HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Last-Modified: Sun, 20 Nov 2022 07:26:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6379d6a4-11336"
Expires: Fri, 02 Dec 2022 13:27:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (51082)
Size:   19504
Md5:    36ddfb3bc00d5c0781abf7b6ac856758
Sha1:   15a0cff73e84ba583438d9e831962394c942621c
Sha256: 5e2882a181bd1a012ed30c2bb030aa9910306532e1d2380b8045fbe4bfcd2de1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 01:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/litespeed/js/95262e9a7c639d50426ec20bbf0b80b3.js?ver=2813f HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Last-Modified: Sun, 20 Nov 2022 07:26:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6379d6a4-e2b3"
Expires: Fri, 02 Dec 2022 13:27:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (35279)
Size:   23165
Md5:    c15c819437355120b37be5a4cb0f0800
Sha1:   08bce22826b25f5d546b14312eea7ca88236619e
Sha256: c41663fa232f4120d1bd33a8b18e397c37d33ffe1f36b54426e244d6f919e3d1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /gtag/js?id=UA-173369819-1&ver=2.1.5 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 01:27:00 GMT
expires: Fri, 02 Dec 2022 01:27:00 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43568
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43568
Md5:    33f5d4ad6676fb6f2167902ad2cb078e
Sha1:   705010b2bdf3a0cd7b23dc3a8dc70662f634120a
Sha256: 4ac8947113acc368cab81cb68d490f5aaf36d7e1d6b4543f2a1ec5e605bde449
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 01:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E7E51266F3A45E88A463347A90FB355419FDAD83CD2C1B970EC06EE2286F3FDB"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17135
Expires: Fri, 02 Dec 2022 06:12:35 GMT
Date: Fri, 02 Dec 2022 01:27:00 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/uploads/2022/07/9Zfv4Ap1e8eKOYnZPtYaWhLkk0d-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 8522
Last-Modified: Wed, 13 Jul 2022 15:30:17 GMT
Connection: keep-alive
ETag: "62cee509-214a"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   8522
Md5:    9c6e9a51d3afa3105d9a984e27137371
Sha1:   b2afc4302f21ec80f0c77bfeafdf422e13a10cde
Sha256: 0f4536813f3765b76f38c45c3f6176cc6f7b023c6662c552a83b9fbde0395945

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/ijPQkXHoAUTDl60NXYLG2DypAgS-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 8378
Last-Modified: Wed, 13 Jul 2022 15:39:32 GMT
Connection: keep-alive
ETag: "62cee734-20ba"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   8378
Md5:    dc85e040ead840f21cdb1e80f31f5a4d
Sha1:   22a881fe02531eb353a962daee194fae5c2416be
Sha256: 38a0f89e64f39e13529626c49b2a93dd93940b63428877606918287a8b1eb652

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/pIkRyD18kl4FhoCNQuWxWu5cBLM-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 12975
Last-Modified: Wed, 13 Jul 2022 15:27:58 GMT
Connection: keep-alive
ETag: "62cee47e-32af"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   12975
Md5:    79f011ed730d9e9e587d5eb117d2eda3
Sha1:   ea1b876260860be2a71466563f7723af474a7573
Sha256: 2308f72196d0c3f1de7487527e2862f0b9c991b10747e769a2172550ff2efea3

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/wKiOkZTN9lUUUNZLmtnwubZYONg-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 15131
Last-Modified: Wed, 13 Jul 2022 15:23:43 GMT
Connection: keep-alive
ETag: "62cee37f-3b1b"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   15131
Md5:    4034e338c8936b396985eabeef37aee1
Sha1:   051a8b7b4dd419230d90abba3f65c209a23c6d2a
Sha256: de30abdbfb357c0a5b3189b22384051a0100493f42867032418563845b78b3f9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/pIkRyD18kl4FhoCNQuWxWu5cBLM-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 15568
Last-Modified: Wed, 13 Jul 2022 15:27:58 GMT
Connection: keep-alive
ETag: "62cee47e-3cd0"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   15568
Md5:    38fc03c64701226d0b49d0b89e74d44f
Sha1:   41669b2c66f428158b6ea556017d7338b49c589d
Sha256: 2e618708392ca7b106a53e25a19c554e9026e7cfec30d73776601f754442d4e2

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /r630e1bb2e95fe630e1bb2e9602/12718 HTTP/1.1 
Host: wf.gaurecorah.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         23.109.248.177
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://38.242.147.152
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 03-Dec-2022 01:27:00 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sat, 03-Dec-2022 01:27:00 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   25
Md5:    d488addc5df5fc9b9ff4135bb4e3a823
Sha1:   6ce56f48e851df4d562b43d3bc1269a504ae83fc
Sha256: d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
                                        
                                            GET /wp-content/uploads/2022/07/A2kEF7p4pHk732UZ07JSHG5FlYF-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 8157
Last-Modified: Sun, 10 Jul 2022 12:14:23 GMT
Connection: keep-alive
ETag: "62cac29f-1fdd"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   8157
Md5:    9aecd9da7a0c6d554b7eaf0310c87831
Sha1:   d5f9a9f1dfb959a62ec0e6fca70ed46c2231b4ba
Sha256: 5fe68d20a4674c19effe137609ec02b7ac5483b6f97d1dafc69347e314793268

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3931
Cache-Control: max-age=128722
Date: Fri, 02 Dec 2022 01:27:00 GMT
Etag: "638898db-117"
Expires: Sat, 03 Dec 2022 13:12:22 GMT
Last-Modified: Thu, 01 Dec 2022 12:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 01:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2022/07/5KmscR49WkmuPJKjmK4OUmsRn5C-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 9181
Last-Modified: Thu, 07 Jul 2022 05:39:41 GMT
Connection: keep-alive
ETag: "62c6719d-23dd"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   9181
Md5:    b52c230a3be40ad03e7ba96ca06f2275
Sha1:   558b692f35c7c2f1bc7aceca55f02b8266a86e56
Sha256: cb0d010bdb6c5a1dd72dabaf8f0b2d82cf090ff3f238fbd28fb94bac34185497

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/n05spbekRTfx0OG4FI7bFssYlfo-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 9837
Last-Modified: Sun, 10 Jul 2022 11:54:44 GMT
Connection: keep-alive
ETag: "62cabe04-266d"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   9837
Md5:    05a6175ec6d4473fff6486a5845c68d3
Sha1:   b37191be9fd22a4b5ee8644df704d05d2dce31bd
Sha256: 16f724a04fefa49e8c8094ec1cdaed19a1ff6af95cb437549e055aaba3851b23

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/dt53jhcegkYu2hKcE4tAdnbpBzt-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 9658
Last-Modified: Wed, 06 Jul 2022 05:47:57 GMT
Connection: keep-alive
ETag: "62c5220d-25ba"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   9658
Md5:    2bb59e943d130c985224375520726b3e
Sha1:   3f83972ebefa9b838344306b77da10d7e2d9f645
Sha256: 361857105a66eec7a2e7039f92b198f69b95aabf372c81704fc74550e5128438

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/yjAXHyMz0JZzYiQP7q1fT5kXLif-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 5706
Last-Modified: Wed, 06 Jul 2022 05:35:21 GMT
Connection: keep-alive
ETag: "62c51f19-164a"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   5706
Md5:    a63878f312a1c0672286402f57672217
Sha1:   9e241f57ef84e30b6c09ff28cf365d28e3f5802e
Sha256: 655d2d20e4301c7db2f41a8f0932da797bcf92d0cdde4b42f125b08e3f08f27d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/en6lrlJ1DhyvkeZEqrk3R6EJz1p-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 8257
Last-Modified: Fri, 14 Jan 2022 15:12:20 GMT
Connection: keep-alive
ETag: "61e192d4-2041"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   8257
Md5:    021725d7fd7fb495d3a502346d08bba9
Sha1:   09f4902014c14f118cdab04f32436e035fa287e4
Sha256: 32a1f7309810722cf85adb889b40695ec27ac0786d31a3d2c98503dd9ed2d771

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css?family=ABeeZee:regular,italic&subset=latin, HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.106
HTTP/2 400 Bad Request
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 01:27:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1266
Md5:    9eea29d2fcf7bc64de4995a9e4181e0a
Sha1:   eff963c6fef576d7ce135a4cac10fe64f4550df1
Sha256: 6a80c1ba7ccc6c8e18d13b3d7b07a9a1b80da01b374df946a253ad1ac8f839c0
                                        
                                            GET /wp-content/uploads/2022/07/1DRaBfaVuQyEK9DAurUXZuQqlEp-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 6426
Last-Modified: Wed, 06 Jul 2022 05:30:33 GMT
Connection: keep-alive
ETag: "62c51df9-191a"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   6426
Md5:    7dece094c5957514a38f091c01649507
Sha1:   ab8eeacbb04a1369fc248b7344c4b96b308158b7
Sha256: 101b1f2886aa8d59ec1e8403d5245bb0a7d49aa336617aba86d88ec3d3b584c4

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/rPWaktPt50BwkYHmYM62sDrdnjR-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 12374
Last-Modified: Wed, 06 Jul 2022 05:41:21 GMT
Connection: keep-alive
ETag: "62c52081-3056"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   12374
Md5:    b971be69f62c85fd21a718c44c36290e
Sha1:   a8ac916adbc83e86d104eb3a4ac2799ed585aeb3
Sha256: b9822b133bcbb874484d02c080dda7ede8db008908246827472889959f61827c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/l3gKUz8TuDuiwW2BBfNlE7uaNny-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 5571
Last-Modified: Fri, 14 Jan 2022 15:12:11 GMT
Connection: keep-alive
ETag: "61e192cb-15c3"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   5571
Md5:    0521177256756af2db61a929a9fd4586
Sha1:   0aa3576435bfc52b8ad03cccfb4f5247187c49d5
Sha256: 204bcc4e11a82f430d97853568c5128a379f7df08d1ed6a8c73b428d08694c63

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/10/vyahc0o4Xfbw0pZdz5QiqXxDRNH-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 11098
Last-Modified: Fri, 14 Jan 2022 15:12:09 GMT
Connection: keep-alive
ETag: "61e192c9-2b5a"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   11098
Md5:    40969ed148b65e15e45901f9b5b26fe6
Sha1:   da85f2b2826a166938bad0a6b1ad400c9fe66a7b
Sha256: 16b3dd89f6228e27b9b4a1a2aab07050b7d20db10fbb552ba24cacdf37843dd8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/9GochFV6TQ6UnXmoAoFjunGRWez-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 11061
Last-Modified: Fri, 14 Jan 2022 15:12:20 GMT
Connection: keep-alive
ETag: "61e192d4-2b35"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   11061
Md5:    c06bf386b9528f611fae1faaea075668
Sha1:   8eca41fe9c20d7d3e653a5266a240fdfd9734a1a
Sha256: 6a909dd316cf2d0b2b50d275998b2d831b2b48e67a1ad14f4eef0fd4c9e199ea

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/MV5BYjFmNTUyMmQtMGQ0Yy00YWY3LTkxOTEtMDQxZjIzNDE4NGVmXkEyXkFqcGdeQXVyNDY5MjMyNTg@._V1_-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 9871
Last-Modified: Fri, 14 Jan 2022 15:12:20 GMT
Connection: keep-alive
ETag: "61e192d4-268f"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   9871
Md5:    d07b11cf4137e3b040725bdf495c93d9
Sha1:   3ffb77190e5479e26f985c5aeca226019a501341
Sha256: 8dd75ab5c480c8f31f5f91d78285154bfe80bbadbba87545aef35176d5653f5d
                                        
                                            GET /wp-content/uploads/2021/09/One_the_Woman-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 11349
Last-Modified: Fri, 14 Jan 2022 15:12:11 GMT
Connection: keep-alive
ETag: "61e192cb-2c55"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   11349
Md5:    37b2eb6acb4373efcc8f6502aa7e1a09
Sha1:   7579110d161c762ec9ad78ab13d7f91857fc986c
Sha256: 56e368040e07d51f7c177c1fee9278111533579f188dfb2bbbfa824cf4b8e902

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/on01rDIOO7uV4wyaOEf8nktma40-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 5856
Last-Modified: Fri, 14 Jan 2022 15:12:11 GMT
Connection: keep-alive
ETag: "61e192cb-16e0"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   5856
Md5:    f338b8b03da3f168e7483877e7604f90
Sha1:   20adb14976803c6dc539f7961875246eeedae66b
Sha256: bfab219226fa4a4a854e398fce556913f6a5ae4c9b1d6b45440d62481495ae58

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/10/lzKiEoVUTdhGDOuqNoYoL0Q1FYA-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 10756
Last-Modified: Fri, 14 Jan 2022 15:12:09 GMT
Connection: keep-alive
ETag: "61e192c9-2a04"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   10756
Md5:    44bf5e1407805f6c59db1d426331695c
Sha1:   22d63ddf3a360a56deda9eef998dffafbfc9fbbf
Sha256: 557fea2002807981ab1a953793218f665d7721ebb9aab41aeee82ba5dc92a91b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/A6dnHWe8YYcoFBHzP7T6WPP4b6F-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 10742
Last-Modified: Fri, 14 Jan 2022 15:12:20 GMT
Connection: keep-alive
ETag: "61e192d4-29f6"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   10742
Md5:    8f0a3bb214c3f5fdae1d871bf006633e
Sha1:   1c5296e528b74ce9483977f11e3fb429122fc2f6
Sha256: 839fec9c6573271126250f3f1fe14215f44f0ece981ec459b062d2b1e1ddd4d3

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/lxCmHIN7TTO0sxeAmgDYxqzq8Ob-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 8431
Last-Modified: Fri, 14 Jan 2022 15:12:20 GMT
Connection: keep-alive
ETag: "61e192d4-20ef"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   8431
Md5:    2bc35808727b41464b828b412ea53952
Sha1:   33066f1074f86ca9b41a5a40e3c423a28ef24d60
Sha256: b9055e2fb340e723b1bdf41a9ede496e55de5ab446a95e46b96497aa91aa1516

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/dzNHbmjueaGGwS3Rwpb8AAWkHxc-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 12151
Last-Modified: Fri, 14 Jan 2022 15:12:11 GMT
Connection: keep-alive
ETag: "61e192cb-2f77"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   12151
Md5:    baedb26f811da66080e0f01f6ca7b8c6
Sha1:   cfd8ae0b3d74365fa7b6282c62180888f88c778b
Sha256: bf64c06c4fde3f165a6a92fa1c6e3763fc6eaae4a26b4af15b3d7168b6352375

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/10/qnyEik4vlhWH8jX1EAGoZRa5NJi-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 8561
Last-Modified: Fri, 14 Jan 2022 15:12:09 GMT
Connection: keep-alive
ETag: "61e192c9-2171"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   8561
Md5:    dd7c4e2ff924c16d14b08e32f5bd3b4b
Sha1:   647d02e51b26c69fe054e230e52cab3751f9d14d
Sha256: 0b7059118b13586cfc36211b8690496282c4d069e506f1da016832159c0c53cf

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/05/M2diAjJukAKvoyDL2dCejFOhuQ-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 9174
Last-Modified: Wed, 25 May 2022 00:49:31 GMT
Connection: keep-alive
ETag: "628d7d1b-23d6"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   9174
Md5:    87a9f23e6cbd7243c0e8091192fc71dc
Sha1:   adfd40c4f00a644067d87aeae58b686909e901ad
Sha256: 6a421d22bd41ca932c1e5377d2fae85ddca2ae94c8ca297d90e989306ff2a831

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/nAru8tj4RXbLzDL3r89QoVyP6FY-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:00 GMT
Content-Length: 10005
Last-Modified: Fri, 14 Jan 2022 15:12:10 GMT
Connection: keep-alive
ETag: "61e192ca-2715"
Expires: Sun, 01 Jan 2023 01:27:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   10005
Md5:    b9ab299a73ba211beb33087ce67aa0f9
Sha1:   b04f8d5353cc8a61f8fcb0b06b48cc6d9a3a1ca9
Sha256: 81849a54c9bf5b79c8743765d37862b398c8e8835749e6bb54ee32a49c42024d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/live-with-my-ketos-4247f9-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 13736
Last-Modified: Fri, 14 Jan 2022 15:12:20 GMT
Connection: keep-alive
ETag: "61e192d4-35a8"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   13736
Md5:    fbc08ccbc51ea319b45c1d78182347e5
Sha1:   5f185105f12bde2d384a7957c232daae0b5c4a61
Sha256: 82256c3c236f08b136252f74c17a692d5e24ff07000007a5c42ade1b650d05d0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/h2KVyiF5qYjOSQKbEw8ev0dUM5n-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 7809
Last-Modified: Fri, 14 Jan 2022 15:12:11 GMT
Connection: keep-alive
ETag: "61e192cb-1e81"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   7809
Md5:    2fafb74c251643ce98ab2bfe69950515
Sha1:   8cef2905d1c35dbbe2a9903b0694a3cabc09481d
Sha256: 60d2e553309d2a505f16a95a55dc7c0995d10317bbdd85fb593d69dacbe1d0fe

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/09/8yECMpsZ8wAvra4Sow6Bz9WOO5f-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 9419
Last-Modified: Fri, 14 Jan 2022 15:12:10 GMT
Connection: keep-alive
ETag: "61e192ca-24cb"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   9419
Md5:    2373ce77dbfffb8895b91b626da1148f
Sha1:   d26d938ccdd9efce3a13b86bd2d1abdae7c47369
Sha256: cc48bc07a5cfc9d8a91c8a886d68fccf05bff0408e248642f8ddbb52ad0eb464

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/6zltP23zLGPogsHZUazSrrwNuKs-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 12635
Last-Modified: Wed, 13 Jul 2022 15:35:54 GMT
Connection: keep-alive
ETag: "62cee65a-315b"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   12635
Md5:    f626c3ec555899a62505b8a8791baae7
Sha1:   8e3001c2412389485c6846b24fbae714d83f14cc
Sha256: e78371eba940a884512b1826747c21f5642df4f69f0f24865df6664a9fa2a64e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/opTwqTgREzvP67ERVrqt0ApXbeV-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 11190
Last-Modified: Wed, 13 Jul 2022 15:33:11 GMT
Connection: keep-alive
ETag: "62cee5b7-2bb6"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   11190
Md5:    5d9a66f40fd75e0c7380f163662d2027
Sha1:   acd5e66a1535c0327292684f5864fff1d3c081d3
Sha256: 26ede6e66bf68fc36c7eac19c9644ae1918ab8b791fcff0c44e202fce21790f0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/wKiOkZTN9lUUUNZLmtnwubZYONg-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 17824
Last-Modified: Wed, 13 Jul 2022 15:23:43 GMT
Connection: keep-alive
ETag: "62cee37f-45a0"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   17824
Md5:    bbfe169f54539b2ed34e74d0cbb7d863
Sha1:   edf66f206a6ab2afeda831bd4b68036e41531fb9
Sha256: e119d89a31d7be5021bd18d1efb1485deafb8f45360fee2ea5d951a75511a49a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/05/6N6Rr1Y5wsi2KbTP4hFAP3hnWQE-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 5243
Last-Modified: Wed, 25 May 2022 00:50:45 GMT
Connection: keep-alive
ETag: "628d7d65-147b"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   5243
Md5:    ada46096a76d4db1ef517c1efb55c982
Sha1:   e0a1c8d295a383b7c9a6283fb46e6d6bc940a0dd
Sha256: 103b26c5f1550f89371e9ba2bb2e98c3dc0847f405b20d8dcfe8256bc4dcbb2a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/05/kPsRQfoyYgcpbI6hvDQvUSCo0q3-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 12550
Last-Modified: Wed, 25 May 2022 00:49:48 GMT
Connection: keep-alive
ETag: "628d7d2c-3106"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   12550
Md5:    9d08f61ccab48e517aa4f07efc521efc
Sha1:   393f9e7b9dc7eb9b68dfef00b0c514765f95cfc3
Sha256: 855eb9b219664ad89306bfd3a010bfdf860d84bcaf71a90468a318f6ba1f987b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/e3i8sjACOzE7wojqZhqIjBfnsk0-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 8802
Last-Modified: Wed, 13 Jul 2022 15:43:44 GMT
Connection: keep-alive
ETag: "62cee830-2262"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   8802
Md5:    707d671b9e0827948a7745a0bc334874
Sha1:   c23b23d0b3cffe3b0b0155a8106d0e800cd48dd3
Sha256: acaf2f40d2799ae7dedc765ef9de68b1d46e4b400b4904a0b30ace1179c5fedb

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/t0ASiM59ppdyUnloPhqn5OKgrko-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 3208
Last-Modified: Sun, 10 Jul 2022 12:12:51 GMT
Connection: keep-alive
ETag: "62cac243-c88"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   3208
Md5:    dd1b52ca16f5f7ca696570ca31432e3b
Sha1:   a52adfbb5f8f1a85b55c4a9916f13706f6440794
Sha256: e1f24dbf8104ed79da977dd601c012fd84d92250979b4c5bb68f52c09c18c7e9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/djd9u7RSrbWAUxbepa0z8oHVmvi-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 8171
Last-Modified: Sun, 10 Jul 2022 12:10:42 GMT
Connection: keep-alive
ETag: "62cac1c2-1feb"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   8171
Md5:    4afda1ffab4048166debc1d4bf4a0c82
Sha1:   90f6f8135c34e8e3a60c9e36741bdd0e20266d38
Sha256: c0b1d9c527e8ceac117b9dc8601d63bafe52e512db0418a4f6ae35c7437c5c90

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/05/nc6RCGaavLeYpRgJ6N9puiyWZDW-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 3427
Last-Modified: Wed, 25 May 2022 00:48:57 GMT
Connection: keep-alive
ETag: "628d7cf9-d63"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   3427
Md5:    01ea13397082503ce8cd4dc15c3ef2ea
Sha1:   a630be0e85674b4dd16485b5494ced74697e1740
Sha256: 1d2c3c4c4e6366a54a533042e8e700a0e782adc618bf4cd8cf022475a5af5c6e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/sJOfJuyQVZPwNQ8g21Qv0lojQhC-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 11653
Last-Modified: Wed, 13 Jul 2022 15:37:13 GMT
Connection: keep-alive
ETag: "62cee6a9-2d85"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   11653
Md5:    b0e0bf2407cab7de22c2acfec7c0f6f0
Sha1:   0a2ee246d30385a6c6545d2cbee3545a9294ad68
Sha256: 6dfe152355ea5cce54c2c70cb3d00cf05db3afa5c750b5c0f288a84230352f09

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/46Ab9aS5x9ZVhsbcQ3d5QjzfuBb-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 10170
Last-Modified: Wed, 13 Jul 2022 15:31:48 GMT
Connection: keep-alive
ETag: "62cee564-27ba"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   10170
Md5:    33d15daedc9991fa81b21ae95ae940fb
Sha1:   4b2a6dd67efa32e492b4994a16805f62d5c499fb
Sha256: c098b6fbafded302fd8cd4bfcdaf4cc5ec6f18aeae3428f3efe4e0f40b40302a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/TUmSO5EPIZAfRSOEjmbrgbTw8i-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 8988
Last-Modified: Thu, 07 Jul 2022 05:48:20 GMT
Connection: keep-alive
ETag: "62c673a4-231c"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   8988
Md5:    60226ca9f82ccd24040cb8aa2220bbd9
Sha1:   ad386a7f0beaf20e9f2f9bcf0623f0a34bfa62a1
Sha256: 62d74c61edde558860ed86f560e28b84c34246e3c715f67134e2887924c3a4c9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/9pCoqX24a6rE981fY1O3PmhiwrB-152x228.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 8774
Last-Modified: Wed, 06 Jul 2022 05:39:13 GMT
Connection: keep-alive
ETag: "62c52001-2246"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 152x228, components 3\012- data
Size:   8774
Md5:    44a2ba810aa8aa5c24bf1af66c3a0b45
Sha1:   23f0dbbca9a587088118147d89368de712fb1d7c
Sha256: f6e2e6d17719e0d07542e6c5e1919583453ebe42772baa193bb3d04abd16ef22

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/9Zfv4Ap1e8eKOYnZPtYaWhLkk0d-170x255.jpg HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 10150
Last-Modified: Wed, 13 Jul 2022 15:30:17 GMT
Connection: keep-alive
ETag: "62cee509-27a6"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 170x255, components 3\012- data
Size:   10150
Md5:    05d1fd8ce141742f4711ffe8e9bc1f12
Sha1:   095bd3a17c07feda1cf43a98b0065c9716e544ad
Sha256: 310b7fcc1d4efb84636047c42a17d5014c94a45bdde773cee933e25c690e46c5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/01nonton-logo-3-2.png HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 14137
Last-Modified: Sun, 17 Jul 2022 04:16:14 GMT
Connection: keep-alive
ETag: "62d38d0e-3739"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 467 x 101, 8-bit colormap, non-interlaced\012- data
Size:   14137
Md5:    c9c3e0dec3ec2be18dad4633b6939ae4
Sha1:   f8e91a2fa5da7cccce2c919961726379e03f8924
Sha256: 32daa0d0d9e8d32a39f20b87e5a9ea0902fd42ef15eff03f3feb06a19076c629

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /releases/v5.0.8/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://38.242.147.152
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         172.64.133.15
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Fri, 02 Dec 2022 01:27:01 GMT
content-length: 40148
x-amz-id-2: x5nJsTjiskkLANej7WxokVVj6wMCTyUA5+jIIFo3dXvxXQRRGFA7HWchH+7ctfRuMcpJzZBFVwA=
x-amz-request-id: JRKYHB10EBWP0D6P
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:28:16 GMT
etag: "0ab54153eeeca0ce03978cc463b257f7"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77TZyqK3DjWNeE7YiVvifG%2BUvdZU9Pq1DXfvXA4m4%2BRNGKbjJ1T3jioqOZfGdA%2Fg%2BK5mEo1bLSZkH9uNq%2FrCtT5YZlcAzcZApJIY0fgnLHOuFYz5QxzhsRgA6v3%2Fa4UtXL9e%2BbRV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773047166822d170-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 40148, version 1.0\012- data
Size:   40148
Md5:    0ab54153eeeca0ce03978cc463b257f7
Sha1:   6ec6d36cb2464b4e821cfabb532f310bd342601c
Sha256: 434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
                                        
                                            GET /wp-content/uploads/2022/08/1080x90-new.gif HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 613218
Last-Modified: Wed, 03 Aug 2022 12:57:17 GMT
Connection: keep-alive
ETag: "62ea70ad-95b62"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1080 x 90\012- data
Size:   613218
Md5:    65f04122320a99a6d70fcfe7e94549c7
Sha1:   5c2125fefcc349d468a98ff2276437207c2550e7
Sha256: 3fd688306986549d8e304d29772f1d55fcc82bb8f3e9ca7aa3ddb137ff5b354e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/cropped-cropped-favicon-5.png HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 31871
Last-Modified: Sun, 17 Jul 2022 04:16:37 GMT
Connection: keep-alive
ETag: "62d38d25-7c7f"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   31871
Md5:    0bb73fa8aa493a6e98f84c791df93b06
Sha1:   4eb3fe85310198205730e6612f807e075474b9ec
Sha256: 652bd1299a4c291745086509dd15d392fe654867353064cbd027c14514e75f84

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/cropped-cropped-favicon-5-60x60.png HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:01 GMT
Content-Length: 3596
Last-Modified: Sun, 17 Jul 2022 04:16:37 GMT
Connection: keep-alive
ETag: "62d38d25-e0c"
Expires: Sun, 01 Jan 2023 01:27:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   3596
Md5:    faed8f9b42264e7e8052b4d4723080d1
Sha1:   e359e06c72a86169823e918de360ac003218b6cb
Sha256: 5e24e76119cd071cd4e9b75299ece63f3db8b49934b6d86d311ba18da50fb8e5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.110
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 00:41:08 GMT
expires: Fri, 02 Dec 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 2753
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /js15_as.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://38.242.147.152/

                                         46.105.201.240
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Fri, 02 Dec 2022 01:17:51 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 663028038
etag: W/"-375139978"
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4547
x-iplb-request-id: 5B5A2A9A:1084_2E69C9F0:0050_63895465_118F:15B94
x-iplb-instance: 42476


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11440), with no line terminators
Size:   4547
Md5:    2b153cb2287eac49566b32fce9c385f8
Sha1:   206074b038daff8bc66d86bca0c5ff35f9f72655
Sha256: 7398435bd3f0dae8206173dd66954ae029dc8787962d5f089bcb548f53409869
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4053
Cache-Control: max-age=170626
Date: Fri, 02 Dec 2022 01:27:01 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 00:50:47 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         157.240.240.1
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Mwl6XNtDBdPLaC7nA8avXiKrQeOIU7Wyfk1UqFJO8tsZ7qQ97Mq+0rQhNgErN4TUeVsxXeAWKfHuGOyovQEgRQ==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 01:27:01 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27340
Md5:    44ecaa3c2a4929a40141edc4540aaf84
Sha1:   f29a573182333b2500d41bfc389d6c5232dfb348
Sha256: 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4053
Cache-Control: max-age=170626
Date: Fri, 02 Dec 2022 01:27:01 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 00:50:47 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /wp-admin/admin-ajax.php HTTP/1.1 
Host: 38.242.147.152
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://38.242.147.152/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Origin: http://38.242.147.152
Content-Length: 74
Connection: keep-alive
Cookie: shield-notbot-nonce=39857c21e7

                                         38.242.147.152
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Server: nginx
Date: Fri, 02 Dec 2022 01:27:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://38.242.147.152
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Set-Cookie: shield-notbot-nonce=39857c21e7; expires=Fri, 02-Dec-2022 01:27:16 GMT; Max-Age=15; path=/ icwp-wpsf-notbot=1669944721zbe806de788e7b0cba06fcd84bc7c1a360c97a1c1; expires=Fri, 02-Dec-2022 01:32:01 GMT; Max-Age=299; path=/
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   118
Md5:    fc6dc47986c0626ea2b3765c10a7a2cd
Sha1:   0237ce3b5740015f6fe931a16c1b717ff162505a
Sha256: 0be695c6592e29b8021f9dcdb54373d41d4686a5c85cd9df78570caea5e92657

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /tr/?id=478941129677174&ev=PageView&dl=http%3A%2F%2F38.242.147.152%2F&rl=&if=false&ts=1669944422251&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&it=1669944420651&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         157.240.240.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 02 Dec 2022 01:27:04 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-156108499&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "03868B05980B9226076348AAF022333113570BEAEB7A2C136DC1D28D107E4EE4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8661
Expires: Fri, 02 Dec 2022 03:51:26 GMT
Date: Fri, 02 Dec 2022 01:27:05 GMT
Connection: keep-alive

                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-110852940&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-63171581&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-114709046&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:41083445&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "03868B05980B9226076348AAF022333113570BEAEB7A2C136DC1D28D107E4EE4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8661
Expires: Fri, 02 Dec 2022 03:51:26 GMT
Date: Fri, 02 Dec 2022 01:27:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "03868B05980B9226076348AAF022333113570BEAEB7A2C136DC1D28D107E4EE4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8661
Expires: Fri, 02 Dec 2022 03:51:26 GMT
Date: Fri, 02 Dec 2022 01:27:05 GMT
Connection: keep-alive

                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-43445529&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "03868B05980B9226076348AAF022333113570BEAEB7A2C136DC1D28D107E4EE4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8661
Expires: Fri, 02 Dec 2022 03:51:26 GMT
Date: Fri, 02 Dec 2022 01:27:05 GMT
Connection: keep-alive

                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:86918376&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "03868B05980B9226076348AAF022333113570BEAEB7A2C136DC1D28D107E4EE4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8661
Expires: Fri, 02 Dec 2022 03:51:26 GMT
Date: Fri, 02 Dec 2022 01:27:05 GMT
Connection: keep-alive

                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-191096784&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:147541295&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-22022410&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-179802928&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:56879299&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-173369819-1&cid=151425580.1669944420&jid=1209753656&gjid=789149694&_gid=1717096631.1669944420&_u=YEBAAUAAAAAAACAAI~&z=156603684 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://38.242.147.152
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         108.177.14.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://38.242.147.152
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 01:27:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:104136724&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:41777120&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-100176159&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-132743915&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-109379755&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-84636145&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-7086560&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:166841658&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-62560529&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-195077382&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-17998880&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-182803186&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:05 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-122677654&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-129847586&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-8574061&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-52000019&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-17831806&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-130258403&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:117160943&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:129393413&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:146903426&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:103808089&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:95352130&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /stats/0.php?4617300&@f16&@g1&@h1&@i1&@j1669944419817&@k0&@l1&@m01Nonton%20-%20Nonton%20Movie21%20IndoXXI%20Rebahin%20Dunia21%20Layarkaca21&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:162466915&@b3:1669944420&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F38.242.147.152%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         149.56.240.131
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 01:27:06 GMT
Content-Length: 51
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   51
Md5:    17e4b248b7d94c79ef9c1b846a2f8da0
Sha1:   f81cd0f72d775b63fc48d41cfc507f30815a5d35
Sha256: b2a764e45b7d776a0b91ac82b9dadb3c8fa8ca3a270536525ca833be4cb27c06
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KnOx0PJ8BR9OoAzXfuWk_Je_yawqzY4isC0hYTZRvJ74YiVs8jqyIQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:25:42 GMT
age: 10884
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15495
Md5:    82ea44d6cb116fb1f5752ce9bb87e345
Sha1:   f799dfd89a4f5a452dc837b8616549f578fb4184
Sha256: e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
                                        
                                            GET /releases/v5.0.8/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://38.242.147.152
Connection: keep-alive
Referer: http://38.242.147.152/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.133.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 02 Dec 2022 01:27:00 GMT
x-amz-id-2: wPBx8O4kqkU4FV1MIKocAwDkxMI75DYShIrJSP7w4lliph7wdPRiMaO8o3EZeRVloBbcYKSMbTc=
x-amz-request-id: JRKQ0JHGGD86BA0N
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:28:03 GMT
etag: W/"265a36ec650d63e307e611cdf14d9b89"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHJ5zPh1b333bnx%2FL7SPy70wB%2FEfDo3t6Ghknna36zNBK7Gm2WvDMnPKzaWBxXjUyEiD9Y0o85eC%2BMuxkCPNHWG23wjFZiFjsRaOqGK%2Fj%2B0FuhHf0y3x7DaRS80kILQqgqPFjQ6W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77304713ed30d170-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---